admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-211xx/CVE-2022-21196.json
cad-safe-bot 84ea2c231f Auto-Update: 2023-07-24T14:00:35.425141+00:00
2023-07-24 14:00:39 +00:00

253 lines
7.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-21196",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-02-18T18:15:12.527",
"lastModified": "2023-07-24T13:50:31.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information."
},
{
"lang": "es",
"value": "MMP: Todas las versiones anteriores a v1.0.3, PTP C-series: Versiones de dispositivos anteriores a v2.8.6.1, y PTMP C-series y A5x: Versiones de dispositivos anteriores a v2.5.4.1, no llevan a cabo las comprobaciones de autorizaci\u00f3n y autenticaci\u00f3n apropiadas en varias rutas de la API. Un atacante puede obtener acceso a estas rutas API y lograr una ejecuci\u00f3n de c\u00f3digo remota, crear una condici\u00f3n de denegaci\u00f3n de servicio y obtener informaci\u00f3n confidencial"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
},
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:airspan:mimosa_management_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.3",
"matchCriteriaId": "064DE49C-CD3C-43AF-864E-D8373EAD9B52"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:airspan:c6x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.6.1",
"matchCriteriaId": "4650A7AA-DD66-4A8B-BB37-4D6789D60B85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:airspan:c6x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "080058F5-00C3-4204-8942-18D5347614B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:airspan:c5x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.6.1",
"matchCriteriaId": "2C295D0C-2C21-474D-B38F-0EA15FB59113"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:airspan:c5x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3239C7-ADFF-413E-86CD-EDBD86FB1ACB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:airspan:c5c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.6.1",
"matchCriteriaId": "31B5039E-8D62-4EB8-A264-1DBA97CC7289"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:airspan:c5c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9944E65E-56D0-4010-B27B-FD7FE469EC20"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:airspan:a5x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.4.1",
"matchCriteriaId": "ECA42797-2BBB-4622-9F57-2BE53E3D8019"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:airspan:a5x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1009C19-795D-4F1A-8C82-A22754E0EBC4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink