ID

VAR-202203-0236


CVE

CVE-2022-22806


TITLE

plural  Schneider Electric  In the product  Capture-replay  Authentication Bypass Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-006736

DESCRIPTION

A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior). Schneider Electric The product has Capture-replay An authentication bypass vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Schneider Electric APC Smart-UPS SMC Series, etc. are all products of the French Schneider Electric (Schneider Electric). The Schneider Electric APC Smart-UPS SMC Series is an entry-level UPS for single server, low-power networking, and point-of-sale (POS) devices. Schneider Electric APC Smart-UPS SMT Series is a line interactive power protection for servers, point of sale, routers, switches, hubs and other network equipment. Schneider Electric APC Smart-UPS SMX Series is an intelligent and efficient network power protection

Trust: 2.25

sources: NVD: CVE-2022-22806 // JVNDB: JVNDB-2022-006736 // CNVD: CNVD-2022-18774 // VULMON: CVE-2022-22806

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-18774

AFFECTED PRODUCTS

vendor:schneider electricmodel:scl series 1029 upsscope:lteversion:02.5

Trust: 1.0

vendor:schneider electricmodel:scl series 1030 upsscope:lteversion:02.5

Trust: 1.0

vendor:schneider electricmodel:scl series 1036 upsscope:lteversion:02.5

Trust: 1.0

vendor:schneider electricmodel:scl series 1037 upsscope:lteversion:03.1

Trust: 1.0

vendor:schneider electricmodel:smc series 1018 upsscope:lteversion:04.2

Trust: 1.0

vendor:schneider electricmodel:smtl series 1026 upsscope:lteversion:02.9

Trust: 1.0

vendor:schneider electricmodel:smx series 1031 upsscope:lteversion:03.1

Trust: 1.0

vendor:schneider electricmodel:smt series 1015 upsscope:lteversion:04.5

Trust: 1.0

vendor:schneider electricmodel:scl シリーズ 1030 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:smt シリーズ 1015 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:scl シリーズ 1029 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:smtl シリーズ 1026 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:smc シリーズ 1018 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:scl シリーズ 1036 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:scl シリーズ 1037 upsscope: - version: -

Trust: 0.8

vendor:schneider electricmodel:smx シリーズ 1031 upsscope: - version: -

Trust: 0.8

vendor:schneidermodel:electric smt series id=1015 <=upsscope:eqversion:04.5

Trust: 0.6

vendor:schneidermodel:electric smc series id=1018 <=upsscope:eqversion:04.2

Trust: 0.6

vendor:schneidermodel:electric smtl series id=1026 <=upsscope:eqversion:02.9

Trust: 0.6

vendor:schneidermodel:electric scl series id=1029 <=upsscope:eqversion:02.5

Trust: 0.6

vendor:schneidermodel:electric scl series id=1037 <=upsscope:eqversion:03.1

Trust: 0.6

vendor:schneidermodel:electric smx series id=1031 <=upsscope:eqversion:03.1

Trust: 0.6

vendor:schneidermodel:electric scl series id=1030 <=upsscope:eqversion:02.5

Trust: 0.6

vendor:schneidermodel:electric scl series id=1036 <=upsscope:eqversion:02.5

Trust: 0.6

sources: CNVD: CNVD-2022-18774 // JVNDB: JVNDB-2022-006736 // NVD: CVE-2022-22806

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22806
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-22806
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2022-18774
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-811
value: CRITICAL

Trust: 0.6

VULMON: CVE-2022-22806
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-22806
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2022-18774
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-22806
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-22806
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-18774 // VULMON: CVE-2022-22806 // JVNDB: JVNDB-2022-006736 // CNNVD: CNNVD-202203-811 // NVD: CVE-2022-22806

PROBLEMTYPE DATA

problemtype:CWE-294

Trust: 1.0

problemtype:Capture-replay authentication evasion by (CWE-294) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-006736 // NVD: CVE-2022-22806

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-811

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202203-811

PATCH

title:Patch for Authentication Bypass Vulnerabilities in Multiple Schneider Electric Productsurl:https://www.cnvd.org.cn/patchInfo/show/325176

Trust: 0.6

title:Schneider Electric Repair measures for multiple product authorization issuesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=185602

Trust: 0.6

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2022/03/09/tlstorm_apc_ups_critical_zero_days/

Trust: 0.1

sources: CNVD: CNVD-2022-18774 // VULMON: CVE-2022-22806 // CNNVD: CNNVD-202203-811

EXTERNAL IDS

db:NVDid:CVE-2022-22806

Trust: 3.9

db:SCHNEIDERid:SEVD-2022-067-02

Trust: 2.5

db:JVNDBid:JVNDB-2022-006736

Trust: 0.8

db:CNVDid:CNVD-2022-18774

Trust: 0.6

db:CS-HELPid:SB2022030912

Trust: 0.6

db:CNNVDid:CNNVD-202203-811

Trust: 0.6

db:VULMONid:CVE-2022-22806

Trust: 0.1

sources: CNVD: CNVD-2022-18774 // VULMON: CVE-2022-22806 // JVNDB: JVNDB-2022-006736 // CNNVD: CNNVD-202203-811 // NVD: CVE-2022-22806

REFERENCES

url:https://www.se.com/ww/en/download/document/sevd-2022-067-02/

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2022-22806

Trust: 1.4

url:https://download.schneider-electric.com/files?p_doc_ref=sevd-2022-067-02

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022030912

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-22806/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/294.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.theregister.co.uk/2022/03/09/tlstorm_apc_ups_critical_zero_days/

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

sources: CNVD: CNVD-2022-18774 // VULMON: CVE-2022-22806 // JVNDB: JVNDB-2022-006736 // CNNVD: CNNVD-202203-811 // NVD: CVE-2022-22806

SOURCES

db:CNVDid:CNVD-2022-18774
db:VULMONid:CVE-2022-22806
db:JVNDBid:JVNDB-2022-006736
db:CNNVDid:CNNVD-202203-811
db:NVDid:CVE-2022-22806

LAST UPDATE DATE

2024-08-14T13:42:58.039000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-18774date:2022-03-12T00:00:00
db:VULMONid:CVE-2022-22806date:2022-05-12T00:00:00
db:JVNDBid:JVNDB-2022-006736date:2023-07-07T08:28:00
db:CNNVDid:CNNVD-202203-811date:2022-04-14T00:00:00
db:NVDid:CVE-2022-22806date:2022-05-12T20:42:18.470

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-18774date:2022-03-12T00:00:00
db:VULMONid:CVE-2022-22806date:2022-03-09T00:00:00
db:JVNDBid:JVNDB-2022-006736date:2023-07-07T00:00:00
db:CNNVDid:CNNVD-202203-811date:2022-03-09T00:00:00
db:NVDid:CVE-2022-22806date:2022-03-09T20:15:08.510