CVE-2022-3089 - OpenCVE

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Echelon	I.lon Vision Smartserver

Configuration 1 [-]

AND

cpe:2.3:a:echelon:i.lon_vision:2.2:*:*:*:*:*:*:*

cpe:2.3:h:echelon:smartserver:2.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-02-13T16:28:57.920Z

Updated: 2024-08-03T01:00:10.042Z

Reserved: 2022-09-01T18:57:05.237Z

Link: CVE-2022-3089

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-13T17:15:10.763

Modified: 2023-11-07T03:50:46.437

Link: CVE-2022-3089

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-3089", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-09-01T18:57:05.237Z", "datePublished": "2023-02-13T16:28:57.920Z", "dateUpdated": "2024-08-03T01:00:10.042Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Smartserver", "vendor": "EnOcean", "versions": [{"status": "affected", "version": " v2.2 SR8/SP8 (4.12.006) with i.LON Vision v2.2 SR8/SP8 (4.12.006)"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Chizuru Toyama of Trend Micro reported this vulnerability to CISA."}], "datePublic": "2023-02-07T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n\n\n<span style=\"background-color: rgb(255, 255, 255);\">Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. </span>\n\n </span>\n\n"}], "value": "\n\n\n\n\nEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. \n\n \n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-02-13T16:28:57.920Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p></p>\n\n<p>EnOcean Edge released <a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes\">SmartServer 3.5 Update 2 (v3.52.003)</a>. </p><p>For additional mitigations and workarounds, users should refer to EnOcean\u2019s <a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1484465/Enhancing+Security\">hardening guide</a></p>"}], "value": "\n\n\n\n\nEnOcean Edge released SmartServer 3.5 Update 2 (v3.52.003) https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes . \n\nFor additional mitigations and workarounds, users should refer to EnOcean\u2019s hardening guide https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1484465/Enhancing+Security \n\n"}], "source": {"advisory": "ICSA-23-037-01", "discovery": "EXTERNAL"}, "title": "EnOcean SmartServer Hard-coded credentials", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:00:10.042Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:echelon:i.lon_vision:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "50970A8A-CC8A-49DA-96EB-18C2E92E4420", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:echelon:smartserver:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1685E1B3-A7F7-4E0F-9BFB-C0CC09739D2B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\n\n\n\n\nEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. \n\n \n\n"}], "id": "CVE-2022-3089", "lastModified": "2023-11-07T03:50:46.437", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.5, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-02-13T17:15:10.763", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Broken Link"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}