VDB-190183 · CVE-2022-22722 · SEVD-2022-011-03

Schneider Electric Easergy P5 przed 01.401.101 SSH weak authentication

Odkryto lukę w Schneider Electric Easergy P5 (SCADA Software). Podatnością dotknięta jest nieznana funkcja w komponencie SSH. Aktualizacja do wersji 01.401.101 eliminuje tę podatność.

Pole	2022-01-12 17:46	2022-01-15 09:14
cvss2_vuldb_tempscore	5.9	5.9
cvss3_vuldb_basescore	7.5	7.5
cvss3_vuldb_tempscore	7.2	7.2
cvss3_meta_basescore	7.5	7.5
cvss3_meta_tempscore	7.2	7.2
price_0day	$0-$5k	$0-$5k
vendor	Schneider Electric	Schneider Electric
name	Easergy P5	Easergy P5
component	SSH	SSH
cwe	798 (słabe uwierzytelnianie)	798 (słabe uwierzytelnianie)
risk	2	2
cvss3_vuldb_av	A	A
cvss3_vuldb_ac	H	H
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	H	H
cvss3_vuldb_i	H	H
cvss3_vuldb_a	H	H
cvss3_vuldb_rl	O	O
cvss3_vuldb_rc	C	C
identifier	SEVD-2022-011-03	SEVD-2022-011-03
url	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-03
name	Upgrade	Upgrade
upgrade_version	01.401.101	01.401.101
cve	CVE-2022-22722	CVE-2022-22722
date	1641942000 (2022-01-12)	1641942000 (2022-01-12)
type	SCADA Software	SCADA Software
cvss2_vuldb_av	A	A
cvss2_vuldb_ac	H	H
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	C	C
cvss2_vuldb_ii	C	C
cvss2_vuldb_ai	C	C
cvss2_vuldb_rc	C	C
cvss2_vuldb_rl	OF	OF
cvss2_vuldb_e	ND	ND
cvss3_vuldb_e	X	X
cvss2_vuldb_basescore	6.8	6.8
cve_assigned		1641423600

◂ Poprzedni Przegląd Kolejny ▸

Might our Artificial Intelligence support you?

Check our Alexa App!