{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-47311", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-12-21T17:02:52.831Z", "datePublished": "2023-05-22T22:12:51.152Z", "dateUpdated": "2024-08-03T14:47:29.368Z"}, "containers": {"cna": {"title": "CVE-2022-47311", "descriptions": [{"lang": "en", "value": "A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Dataprobe, Inc.", "product": "Dataprobe iBoot-PDU FW", "versions": [{"status": "affected", "version": "0", "lessThan": "1.42.06162022", "versionType": "custom"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03"}, {"url": "https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "baseScore": 8.5, "baseSeverity": "HIGH"}}], "x_generator": {"engine": "VINCE 2.1.1", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-47311"}, "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-05-22T22:12:51.152Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:47:29.368Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03", "tags": ["x_transferred"]}, {"url": "https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4-n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05060302-F6DE-4EAF-9356-8CD785ABDE7D", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4-n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "936B8451-A674-49D7-91EC-A03599A6D6AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D2071B9-BF2C-4A12-BA35-32BB59E210DB", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "1469E464-6784-4B0B-9895-79BA5A1A1CB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "166422E2-0734-4F7E-B2FE-0EB461AFDD32", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "82C1859A-0D39-4D69-B89F-E6AB92D71A38", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "80159239-E373-4399-AF14-5FC3B1F7BFBF", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "A017B904-A3C4-4070-96F7-9679FD2383C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FCCC5B8-ED6E-4FCA-BA07-4D2AA1D26F50", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "23BC31CA-2061-4141-8600-EF4A9AE7DD2A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D43D904E-6B72-44B4-A158-D6A7C30504A3", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1A43409-AF18-4BD5-A0D4-D27CDD6ABBE6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB35A114-99E7-44C6-B53B-B293AA9D9815", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "56E2CAAD-8A4D-4F1A-AEF0-034C02965935", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-2n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C37DFE8A-F733-48D3-8BF6-ECC98A476C54", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-2n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACA11FBB-1B4C-4F66-89EF-2D91C0161C4C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2n15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAD2CA81-44E6-4499-9F5C-502F060A3B8F", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2n15:-:*:*:*:*:*:*:*", "matchCriteriaId": "58CE9F4A-74BD-4AFC-B019-5D750E2D1E16", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E012434-72F0-4BD6-ACA4-DF7E12FB9033", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "B64FEC33-D6D9-4F4C-BE43-31D637E6B01F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F08FCBA2-94B8-44F9-921F-0CDD03D7903A", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B1D3E7F-9C2F-48F8-BF49-539570A0986A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2n20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3577400F-ADC8-4EBF-AFEE-DE165391BE12", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2n20:-:*:*:*:*:*:*:*", "matchCriteriaId": "0DFC4885-AF94-471E-AE4E-DD26A6A91667", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4-c20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "02EF4F49-FCB7-44C8-BC83-8A3519807338", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4-c20:-:*:*:*:*:*:*:*", "matchCriteriaId": "12B9705B-B21D-450B-A62B-933DC81A19E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-c10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B170FD2A-0422-4778-812F-EBCDF19A1253", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-c10:-:*:*:*:*:*:*:*", "matchCriteriaId": "B786B2F4-6586-4E05-BDE9-DFDBA7BD3739", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-c10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CC4192B-D9F4-4886-BDDE-5859A89B6221", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-c10:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEBA453E-67D9-4760-89A6-6CF8C632C6A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-c10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A64CD7F9-D8BB-4717-90B5-FBFE01B00CB5", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-c10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5042C3C1-3964-437B-98C1-0458F73B7197", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-c10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB49899D-165E-4B57-A3F5-D6ADDD138E12", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-c10:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBD2B738-620D-42F8-881C-A6B293B724BA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2c20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E032CC0E-0E19-490A-B3A2-5BA82DA52FC0", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2c20:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1C46D12-6699-4BAC-AC47-7B150AECAF9B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-c20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE9621CA-4AC7-4BA5-940D-E76E795502A2", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-c20:-:*:*:*:*:*:*:*", "matchCriteriaId": "1139B205-02DA-4155-897C-F5D4191686A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-c20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC0AB74D-DFDD-4B8F-9AFB-158E8C09A6F4", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-c20:-:*:*:*:*:*:*:*", "matchCriteriaId": "C10BFD7F-0EDC-4CA0-9BEE-2CD0C83CAA05", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2c10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF765E11-57A1-444F-840B-321944679F4B", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2c10:-:*:*:*:*:*:*:*", "matchCriteriaId": "518EE433-9E08-40FE-90F7-48E8AC934743", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-c20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4AD7C27-EFF5-4302-9B7F-0AFF190F1893", "versionEndExcluding": "1.42.06162022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-c20:-:*:*:*:*:*:*:*", "matchCriteriaId": "1522EB30-AB31-47E3-B2EB-90CE231C284B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A proprietary protocol for iBoot devices is used for control and keepalive commands. The function compares the username and password; it also contains the configuration data for the user specified. If the user does not exist, then it sends a value for username and password, which allows successful authentication for a connection."}], "id": "CVE-2022-47311", "lastModified": "2023-11-07T03:56:12.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.7, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-05-22T23:15:09.423", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Product"], "url": "https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified"}

{}