CVE-2024-22388
Published Feb 6, 2024
Last updated a month ago
Overview
- Description
- Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- ics-cert@hq.dhs.gov
- CWE-1188
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:iclass_se_cp1000_encoder:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2BB854B8-F5E0-4A00-922C-5B62564DB158"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:iclass_se_cp1000_encoder_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA7199D9-8A09-4ABF-926C-BF4739222282"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:iclass_se_readers:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "08AA1F70-0EDD-498D-A60A-D7E769765A1B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:iclass_se_readers_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F84C363-45B4-40F9-8C8F-93394F2AF318"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:iclass_se_reader_modules:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "70B620F5-3B4E-4728-9066-506105282B91"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:iclass_se_reader_modules_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B5F3AFC-7213-41E7-800A-78BE8CA53515"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:iclass_se_processors:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "029F78BB-6EFE-4CD1-80F3-2B5D476D049C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:iclass_se_processors_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95FA7393-0EF9-43A4-9F26-DB48FDC3DAE7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:omnikey_5427ck:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "095B970F-BDB3-449D-8859-ED942B68EC99"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:omnikey_5427ck_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70382765-8BA5-4114-9681-BC4118FD6E24"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:omnikey_5127ck:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FDB1E42B-DDCE-4333-B9A3-56E046988E40"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:omnikey_5127ck_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AD6E73F-E3CA-412B-986F-8582269C2FC1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:omnikey_5023:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BA7B4826-9C1C-4685-AD9A-B2A89069A03F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:omnikey_5023_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE9661B3-E09D-4A88-AB61-C68E3EC7024C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hidglobal:omnikey_5027:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "71567BE0-8B74-4AF2-840C-E52A31A95BC2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hidglobal:omnikey_5027_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1833B4BD-0205-412A-BDEE-FE993620C941"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]