{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-38124", "assignerOrgId": "f2815942-3388-4c08-ba09-6c15850fda90", "state": "PUBLISHED", "assignerShortName": "Secomea", "requesterUserId": "44bd1e71-3702-434c-b36b-c1ac3bb0bab6", "dateReserved": "2022-08-10T09:46:05.634Z", "datePublished": "2022-12-13T13:06:17.021Z", "dateUpdated": "2024-08-03T10:45:52.627Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "SiteManager", "vendor": "Secomea", "versions": [{"lessThanOrEqual": "10.0.622425017", "status": "affected", "version": "0", "versionType": "\"custom\""}]}], "datePublic": "2022-12-12T23:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."}], "value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."}], "impacts": [{"capecId": "CAPEC-121", "descriptions": [{"lang": "en", "value": "CAPEC-121 Exploit Test APIs"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-267", "description": "CWE-267 Privilege Defined With Unsafe Actions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f2815942-3388-4c08-ba09-6c15850fda90", "shortName": "Secomea", "dateUpdated": "2022-12-13T13:06:17.021Z"}, "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/"}], "source": {"defect": ["RD-6294"], "discovery": "EXTERNAL"}, "title": "Unwanted debug tool", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:45:52.627Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.secomea.com/support/cybersecurity-advisory/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBB646D2-225E-4579-A38C-12C86578C4FA", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*", "matchCriteriaId": "29BFC1D6-82B6-4E20-BBFB-63F33373D78B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B8524A9-3DFE-4631-AAB1-32562F36F275", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ABE08F2-C6D0-4CA3-99F4-0654653E7BF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1529_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEEE2505-C9E9-4820-95A1-97F1C11EEBEA", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1529:-:*:*:*:*:*:*:*", "matchCriteriaId": "04157541-64E2-4D44-8101-8BC9972283D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CDB6569-AC7C-485C-AE08-0AB327B0FB9D", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C5F7D37-729C-4969-9661-C933C9F16980", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E5E5520-93F0-4A55-B0E2-2EB24551F8C0", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*", "matchCriteriaId": "856E0FE1-D1FD-47A3-8DE0-A12F6FBD60E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "986022D5-B335-4E74-AEF5-A8147FDB31B0", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF64F7DA-FD12-4231-B792-EF8F79B587CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1539_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4935E34D-7B75-4362-81BF-1BC455D23BEC", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1539:-:*:*:*:*:*:*:*", "matchCriteriaId": "5848F390-7F56-44ED-9267-38CA1971DE01", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5EEE5350-A868-480E-9751-7446F985B963", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D26BFEA-056C-4760-8D10-A0DF3677DAD1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50125628-E81B-4A56-9794-BDD9BDB6CDBD", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*", "matchCriteriaId": "060DA5EF-B6FE-4E02-B0A5-EAAF5CF5AC35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DBA6309-D9AE-49CB-9FFD-7C4FBFA333AA", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C7D7926-A5F5-46A1-A6B7-3C99130FA609", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_1549_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6772A0C6-E11E-4157-BE84-01A00CA90487", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_1549:-:*:*:*:*:*:*:*", "matchCriteriaId": "402344EC-DDE3-452B-BDD7-63E1DE7EB030", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F26498CC-1921-4A7C-B0E0-626D2681F890", "versionEndExcluding": "10.0.622425017", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*", "matchCriteriaId": "A05A3825-9C8E-43EF-A2DC-F0B06694CCCD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner."}, {"lang": "es", "value": "La herramienta de depuraci\u00f3n en Secomea SiteManager permite al administrador conectado modificar el estado del sistema de manera no deseada."}], "id": "CVE-2022-38124", "lastModified": "2022-12-16T05:02:10.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.2, "source": "VulnerabilityReporting@secomea.com", "type": "Secondary"}]}, "published": "2022-12-13T14:15:09.947", "references": [{"source": "VulnerabilityReporting@secomea.com", "tags": ["Vendor Advisory"], "url": "https://www.secomea.com/support/cybersecurity-advisory/"}], "sourceIdentifier": "VulnerabilityReporting@secomea.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-267"}], "source": "VulnerabilityReporting@secomea.com", "type": "Secondary"}]}

{}