{"containers": {"cna": {"affected": [{"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P850", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}, {"product": "SICAM P855", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V3.00"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-294", "description": "CWE-294: Authentication Bypass by Capture-replay", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-10T09:47:22", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2022-29878", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P850", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}, {"product_name": "SICAM P855", "version": {"version_data": [{"version_value": "All versions < V3.00"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-294: Authentication Bypass by Capture-replay"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:33:43.112Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2022-29878", "datePublished": "2022-05-10T09:47:22", "dateReserved": "2022-04-28T00:00:00", "dateUpdated": "2024-08-03T06:33:43.112Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29D23CC1-B5EA-4088-8552-6BD00DE6DABC", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa00-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "19E9E75A-266E-42F4-A978-1881CFB775D5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F46742A1-FEA3-46E8-A1E4-D8203F3C2CF8", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa00-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB0B7A11-AE03-4EDD-B446-CFAE7B83A405", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4676DE8-BCA3-48AF-B90F-6F4331FDD77B", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa10-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "97E8F3D9-37A0-4DFD-8131-1664893C2D64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "98F64393-39B7-49DE-8F50-73E7A5DBAB61", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa10-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "5450BA3D-61FE-46EA-AD56-D04D3809D23D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5665988-B892-4C16-837A-DA5D1A1FD241", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa30-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE1C19C0-3092-4AB8-A131-3284D3CF0A00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8500-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50A41D5D-D9CE-4436-92E1-87DFE46E703A", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8500-0aa30-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EC17FD2-8B3B-4331-A0E2-991A0C92E119", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F555FCD5-A377-4505-9EB9-83D1FC0BA005", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa01-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFAA2339-0C00-4551-958E-76E34DF50F3E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "209B2BF5-0023-4F35-9E1A-5F271A026FA1", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa01-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC103BEB-FD72-4BCF-8450-8F753986284E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "81CA2D85-1A58-42FB-BD06-F2E236808890", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa02-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "94BB09DC-2493-4680-A718-847A9F3916C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D62E4F9-7230-496D-A00A-AB71EC9F56B6", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa02-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "83646A62-58E8-47B3-A3E2-9052A223BA3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C748EAE-AFA9-4600-85CD-D5E1C4A2ABB4", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa11-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "835E6B3A-D357-478D-AC74-1FB0BF1FB48B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "48DA971B-28EA-4443-B546-CE066DE5A611", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa11-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC8905ED-8C17-42A3-BB22-95F572A2CD41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "90528A32-4827-4A29-8E54-0DBCEF141183", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa12-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "513D4A78-6F4B-421F-BA56-40FF32E12692", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BECCF69-B791-4F97-94B6-150A52A22543", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa12-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "81A0038B-F453-4530-A681-F37AADF797A2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8D9B433-4F5F-4C63-B16C-047186B726F5", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa31-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "624701F6-0F97-4A83-A329-38310EA7ABAE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "93845620-72CC-4C54-BF5C-9E9A9DD0439F", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa31-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "B81F629C-DF39-43F0-AEB9-F66CFCB29E85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5178FF49-6E30-47D7-892F-1121288E7E8B", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa32-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ED2A92F-04A9-46BC-B334-DB06F55614A7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8501-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7E21CE9-87D8-4D20-B343-48AF64E7049D", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8501-0aa32-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "D80D60C5-AF37-4498-919E-CB6589286B3C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9DBF9D2-1C19-43F8-BFCA-1024BFC40DDE", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa00-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D3C6DE9-9980-46E6-9468-F8167D5CF692", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B02F4EC-85D5-442E-B71C-A9CA9C3854F6", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa00-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C94271C-DAD2-4C53-A701-93A542A3B154", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E24F48D-DC93-4126-8830-A7662AAA87CD", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa10-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A1E983D-BE5E-4D3C-AD00-3EFB6775AE80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "63C21B33-EC43-450A-8F33-0948DD07525B", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa10-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AF24A81-2063-4DAB-B6E4-2546042A553C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A402337A-B4A8-4F8D-B826-2EE714864C01", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa30-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "15554D33-7C32-44E6-B16E-D0A5AC903E85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8550-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6FE0DFE-B877-4E07-9A9C-8AC24259240F", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8550-0aa30-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "34B32039-505A-4815-967B-D11F4D337CE0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DCF2749-986F-4735-96E8-749E625CAD6A", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa01-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E74BAD6-218E-477C-B2C2-CE0E578A2400", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7558F27-235F-47B8-9D65-944BF1C92DDF", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa01-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CE65771-9A0E-48AF-A9FE-4705698C8997", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEB551BB-4C46-4FA0-B9EF-C70583D02993", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa02-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "9710DFFE-974F-4A82-9E85-3311D84A951F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1117B8F-7911-4B2E-A9DE-5F8D3FA0DFCF", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa02-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF385121-4F72-4EE3-9EC3-BC9B910E74BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CF9E3B9-1DC8-4293-8D2C-9B5CF6F50E23", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa11-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "71F882A2-DFFB-4A07-8F62-E52068EDCC35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "83A63834-D7F7-4112-9C03-AF64EA254B35", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa11-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "B93C0DE4-4FE9-4C19-AD4A-805910DD9682", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C9F3057-5918-4331-863A-46A4FA292F8E", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa12-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "949B5448-5CCA-45A4-8D6B-8FB70EF42A14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFFF3159-7FCF-4ACC-B06A-EB6414E01307", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa12-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "634DEE3C-5BB9-446B-A0FD-95764C0B0461", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC81665F-2064-4F85-88BF-5A3F46178CBE", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa31-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "468D2956-6D5C-48C6-B0C9-868CC9DEA8D9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B302DC77-B1E2-46DF-8E6A-9F7CCBF6A899", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa31-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "274D904F-D09A-4038-97FE-464BBE97A93B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "976E3302-C339-4057-A0DD-EF40A9A501F4", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa32-0aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "7923FD73-F2FA-4B60-A1E3-F7C4D586269B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:7kg8551-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A4EF031-920F-4F69-B25A-779ACA4046B8", "versionEndExcluding": "3.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:7kg8551-0aa32-2aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "D72FBA5B-E455-4E07-B39C-70AEE0C26EBF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3.00), SICAM P850 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3. 00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00), SICAM P855 (Todas las versiones anteriores a V3.00). Los dispositivos afectados usan un rango limitado para los desaf\u00edos que son env\u00edan durante una comunicaci\u00f3n desaf\u00edo-respuesta no cifrada. Un atacante no autenticado podr\u00eda capturar un par desaf\u00edo-respuesta v\u00e1lido generado por un usuario leg\u00edtimo, y solicitar la p\u00e1gina web repetidamente para esperar que vuelva a aparecer el mismo desaf\u00edo para el que sea conocida la respuesta correcta. Esto podr\u00eda permitir al atacante acceder a la interfaz de administraci\u00f3n del dispositivo"}], "id": "CVE-2022-29878", "lastModified": "2024-11-21T06:59:53.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-20T13:15:16.177", "references": [{"source": "productcert@siemens.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-294"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-294"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}