admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-433xx/CVE-2022-43378.json
René Helmke c621c6fb09 Auto-Update: 2023-04-27T20:00:24.963882+00:00
2023-05-16 16:11:16 +02:00

226 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-43378",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-04-18T21:15:07.647",
"lastModified": "2023-04-27T19:31:42.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\nA CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that\ncould cause the user to be tricked into performing unintended actions when external address\nframes are not properly restricted.\n\n\n\n\n\n Affected Products: NetBotz 4 - 355/450/455/550/570\u00a0(V4.7.0\n\n and prior)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cybersecurity@se.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:netbotz_355_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "49CC6F3B-4CA5-423A-BBCD-B06823117557"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:netbotz_355:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77F177F5-1863-4AF9-81A8-1044ECBD7984"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:netbotz_450_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "5D19ED56-46B2-49F4-931C-15CA50D17AAA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:netbotz_450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19C9F31A-BFF1-4BE4-86C4-D3B3578152A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:netbotz_455_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "FC27E834-8A75-4F2F-A300-2990AF2796A5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:netbotz_455:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41630CB-CE60-4979-A0F9-5F66C5C69629"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:netbotz_550_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "F3A7BE2F-9AFD-4524-97DE-45855381A3D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:netbotz_550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C55DCA01-8401-4002-8692-F26B7A50BCA9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:schneider-electric:netbotz_570_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "62990842-7902-4AF0-99EE-31188AACCA5A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:schneider-electric:netbotz_570:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3307CFF4-C9A5-40D4-9B1A-B8D06839BC75"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-312-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-312-01-NetBotz_4_Security_Notification.pdf",
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink