CVE-2022-46144

Published Dec 13, 2022

Last updated 2 months ago

CVSS medium 6.5

Overview

Description: A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

productcert@siemens.com: CWE-664
nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12FE7784-D59A-4E1E-8551-06CCFED772E4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5126C71-4E23-470A-BDD9-E455E5BC645C",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "990EB0C2-0B61-4C6D-92FE-BFAC8E6FF7D1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C5CB015-BBE7-4D22-A2DD-692D107005AA",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C64B24A5-BC52-4812-80BA-3F183641782F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E967C6E7-943B-4249-86F9-BF17C00161DB",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E5F0040-9B10-4E6B-85AE-E4D04CFC42D0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE7993B0-E74F-46FA-83D5-DB29BCA7AD76",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "900B67C4-DC4D-47FC-9F5A-E53A23398C95"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F8CBBC5-960B-4A41-8470-E6E58EFACF0C",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5646-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2743D36E-2DEC-4250-B1B2-F1009A47590E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5646-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3CEFD91-BD2A-468E-A5E8-4B1EB30D3A45",
            "versionEndExcluding": "3.0",
            "versionStartIncluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12FE7784-D59A-4E1E-8551-06CCFED772E4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "028A3918-521C-4AF6-AC54-EDBA7805F43B",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "990EB0C2-0B61-4C6D-92FE-BFAC8E6FF7D1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BE1CF07-0D43-4AC2-9733-1D3C01E0D504",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BF8D49-DB9D-4313-969E-7227D31D03B2",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C64B24A5-BC52-4812-80BA-3F183641782F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9373F5DA-412B-4801-9CB2-8D49125EA21A",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E5F0040-9B10-4E6B-85AE-E4D04CFC42D0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D867739D-E78A-4F4B-964F-3D355BC575E5",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "900B67C4-DC4D-47FC-9F5A-E53A23398C95"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5646-2gs00-2ac2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A5F8C7B-305B-4ADA-B9C1-B38F336927CB",
            "versionEndExcluding": "2.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5646-2gs00-2ac2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2743D36E-2DEC-4250-B1B2-F1009A47590E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References