{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-200a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "87DDE988-65E5-4E9B-B31B-E07423E46FBC", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-200a:-:*:*:*:*:*:*:*", "matchCriteriaId": "208B2720-7090-41FB-99EF-20D4BBF07685", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-200e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEB9AF8C-8A6E-4D54-929F-EFE3B91F9847", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-200e:-:*:*:*:*:*:*:*", "matchCriteriaId": "222E1D60-FB10-477A-A21E-EAC902CCC1EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-200j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "876307F0-F041-4701-9C9F-862EAECBB1E3", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-200j:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8886362-D208-4431-B7C3-CCB3C4819EED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E2B798B-960F-466C-BA50-FA5362032820", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BC7EF0E-9DC4-4126-BA84-990FDE5EC5EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-50e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DF02607-33C7-4722-B15D-D7B32CDF3644", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-50e:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E2F0B95-8905-4CBD-A50D-DD11C3B1639E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ae-50j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA6662F5-6280-46AF-9A2C-6BE7039A54D3", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ae-50j:-:*:*:*:*:*:*:*", "matchCriteriaId": "B167F919-5471-49B0-825B-1D5242B0F0CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ag-150a-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4049B5F1-E6E9-4486-ABC3-1494468CF4D7", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ag-150a-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E37278D-F466-4D02-A3D2-C784D579156B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ag-150a-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A86C7B0B-E585-4CFC-BCBA-62F3ED93F7B7", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ag-150a-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "A95212E0-241E-4AD9-97A4-1F75DF382115", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:eb-50gu-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8818A82-BCD1-463D-9FE7-E2BA3079EB19", "versionEndIncluding": "7.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:eb-50gu-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4BC98F5E-1FE9-4C5D-80B5-E90852A9BE0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:eb-50gu-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55B3897D-F378-4CCF-8310-10749F80FE53", "versionEndIncluding": "7.10", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:eb-50gu-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "4575CA5F-5B1F-46AF-BD08-7A6C37E7D2F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ew-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "16FC42A3-F3A8-416B-8332-E832776986D5", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ew-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A55E519-0E2B-4809-9453-3D240949AF25", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ew-50e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA0F2AA5-D52C-4EED-8030-2D23655A56E4", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ew-50e:-:*:*:*:*:*:*:*", "matchCriteriaId": "36D3BD0B-F2C0-4DD7-9EC7-A0ADD2001833", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:ew-50j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E99EF75-71FA-40A2-8D03-4ABB07EFD892", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:ew-50j:-:*:*:*:*:*:*:*", "matchCriteriaId": "93A0F1B1-919D-4024-A0FA-D8A4B406F346", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:g-150ad_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D90371C-736F-4964-980B-FC6319ECC638", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:g-150ad:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E5006DE-989A-4BEC-9255-64CBBB7A7474", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D8CD810-00FE-4008-A8C4-66D9A89C72A5", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF1DA319-3B4E-4255-8B09-D4CA82F4CEDD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50ada-a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0EAF2CA-C57F-4BD7-A325-EE9B4BD0889D", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50ada-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F3A0876-AAC8-48B2-9081-F0989CBCF3C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:gb-50ada-j_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96770815-BB9C-439E-8E9D-373EEA423981", "versionEndIncluding": "3.21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:gb-50ada-j:-:*:*:*:*:*:*:*", "matchCriteriaId": "006B9E46-F48B-483B-A909-35A7E5A5A76B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:te-200a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "515703FF-B799-4F47-A813-13CA1D02F45C", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:te-200a:-:*:*:*:*:*:*:*", "matchCriteriaId": "15CCCC0A-AFBE-4C9B-A92C-8E0C5CF2A055", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:te-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "47C8DB00-1741-45AE-A411-227A60538F89", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:te-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "C556A4B8-4351-43AD-9E85-D8736D3799E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:mitsubishi:tw-50a_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "876361EA-E1E0-42C6-8AA9-C1824909F52A", "versionEndIncluding": "7.97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mitsubishi:tw-50a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2625668C-2AB6-4610-A609-D2B299EA9B53", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD Ver. 3.21 and prior, Air Conditioning System AG-150A-A Ver. 3.21 and prior, Air Conditioning System AG-150A-J Ver. 3.21 and prior, Air Conditioning System GB-50AD Ver. 3.21 and prior, Air Conditioning System GB-50ADA-A Ver. 3.21 and prior, Air Conditioning System GB-50ADA-J Ver. 3.21 and prior, Air Conditioning System EB-50GU-A Ver. 7.10 and prior, Air Conditioning System EB-50GU-J Ver. 7.10 and prior, Air Conditioning System AE-200J Ver. 7.97 and prior, Air Conditioning System AE-200A Ver. 7.97 and prior, Air Conditioning System AE-200E Ver. 7.97 and prior, Air Conditioning System AE-50J Ver. 7.97 and prior, Air Conditioning System AE-50A Ver. 7.97 and prior, Air Conditioning System AE-50E Ver. 7.97 and prior, Air Conditioning System EW-50J Ver. 7.97 and prior, Air Conditioning System EW-50A Ver. 7.97 and prior, Air Conditioning System EW-50E Ver. 7.97 and prior, Air Conditioning System TE-200A Ver. 7.97 and prior, Air Conditioning System TE-50A Ver. 7.97 and prior and Air Conditioning System TW-50A Ver. 7.97 and prior allows a remote unauthenticated attacker to cause a disclosure of encrypted message of the air conditioning systems by sniffing encrypted communications."}, {"lang": "es", "value": "Uso de una vulnerabilidad de Algoritmo Criptogr\u00e1fico Roto o Arriesgado en el Sistema de aire Acondicionado G-150AD Versiones 3.21 y anteriores, el Sistema de aire Acondicionado AG-150A-A Versiones 3.21 y anteriores, el Sistema de aire Acondicionado AG-150A-J Versiones 3.21 y anteriores, el Sistema de aire Acondicionado GB-50AD Versiones 3.21 y anteriores, el Sistema de aire Acondicionado GB-50ADA-A Versiones 3. 21 y anteriores, Sistema de aire Acondicionado GB-50ADA-J Versiones 3.21 y anteriores, Sistema de aire Acondicionado EB-50GU-A Versiones 7.10 y anteriores, Sistema de aire Acondicionado EB-50GU-J Versiones 7.10 y anteriores, Sistema de aire Acondicionado AE-200J Versiones 7.97 y anteriores, Sistema de aire Acondicionado AE-200A Versiones 7.97 y anteriores, Sistema de aire Acondicionado AE-200E Versiones 7.97 y anteriores, Sistema de aire Acondicionado AE-50J Versiones 7.97 y anteriores, Sistema de aire Acondicionado AE-50A Versiones 7.97 y anteriores, Sistema de aire Acondicionado AE-50E Versiones 7.97 y anteriores, Sistema de aire Acondicionado EW-50J Versiones 7.97 y anteriores, Sistema de aire Acondicionado EW-50A Versiones 7.97 y anteriores, Sistema de aire Acondicionado EW-50E Versiones 7. 97 y anteriores, Sistema de aire Acondicionado TE-200A Versiones 7.97 y anteriores, Sistema de aire Acondicionado TE-50A Versiones 7.97 y anteriores y Sistema de aire Acondicionado TW-50A Versiones 7.97 y anteriores permite a un atacante remoto no autenticado causar una divulgaci\u00f3n de mensajes encriptados de los sistemas de aire acondicionado al olfatear las comunicaciones encriptadas"}], "id": "CVE-2022-24296", "lastModified": "2022-06-17T15:36:06.147", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-08T15:15:07.927", "references": [{"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/vu/JVNVU95298925/index.html"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Third Party Advisory"], "url": "https://www.mee.co.jp/psirt/vulnerability/pdf/2022-001.pdf"}, {"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "tags": ["Vendor Advisory"], "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-005_en.pdf"}], "sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}
MITRE
Vulnrichment
NVD
Redhat