CVE-2022-22518
Published Apr 7, 2022
Last updated 3 years ago
Overview
- Description
- A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.
- Source
- info@cert.vde.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6EFFE98-C633-4C31-9FDA-F88C4CE7A04B",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_beckhoff_cx9020:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6492A42C-B284-4981-9DA0-6CCDA56987FD",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "471215BE-80E8-4191-BD3A-863E62FDD021",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C97B5A4-BCA2-4B0F-9A06-676F0AA0D55A",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E50B1160-AC34-435E-8761-92AD66CC20BF",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC0DF7A9-11CA-4622-8C9F-89AB063E26D2",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1320EE2C-DE77-4E23-A7C6-0579886C83B7",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D57C6EB7-AF27-4FEF-9202-4235D28CEA9B",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96A593C8-0EFE-46F1-B80C-F2FB909FC890",
"versionEndExcluding": "4.5.0.0",
"versionStartIncluding": "4.4.0.0"
},
{
"criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9D653AF-79DA-4975-973D-1054069A5D13",
"versionEndExcluding": "3.5.18.0",
"versionStartIncluding": "3.5.17.0"
}
],
"operator": "OR"
}
]
}
]