ID

VAR-202206-1773


CVE

CVE-2022-30707


TITLE

CAMS for HIS communication design flaw

Trust: 0.8

sources: JVNDB: JVNDB-2022-001958

DESCRIPTION

Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01. If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to the disabling of CAMS for HIS software functions on any affected machines, or to information disclosure or alteration.

This vulnerability information was reported to JPCERT/CC by the developer for the purpose of disseminating it to product users. JPCERT/CC coordinated with the developer and ICS-CERT. If this vulnerability is exploited, the following impacts are possible:

* An attacker who has access to the computer on which the product is installed can obtain the account and password stored on that computer. As a result, data managed by another CAMS for HIS may be leaked or tampered with.
* An attacker who has obtained the account and password can cause resource exhaustion in a different CAMS for HIS, stopping the functions of that CAMS for HIS.

Trust: 1.8

sources: NVD: CVE-2022-30707 // JVNDB: JVNDB-2022-001958 // VULHUB: VHN-424307 // VULMON: CVE-2022-30707

AFFECTED PRODUCTS

vendor:yokogawa model:centum vp entry class scope:lte version:r4.03.00

Trust: 1.0

vendor:yokogawa model:centum vp scope:lte version:r4.03.00

Trust: 1.0

vendor:yokogawa model:b/m9000cs scope:lte version:r5.05.01

Trust: 1.0

vendor:yokogawa model:centum cs 3000 scope:lte version:r3.09.00

Trust: 1.0

vendor:yokogawa model:centum cs 3000 entry class scope:lte version:r3.09.00

Trust: 1.0

vendor:yokogawa model:b/m9000 vp scope:gte version:r6.01.01

Trust: 1.0

vendor:yokogawa model:b/m9000 vp scope:lte version:r8.03.01

Trust: 1.0

vendor:yokogawa model:b/m9000cs scope:gte version:r5.04.01

Trust: 1.0

vendor:yokogawa model:centum cs 3000 scope:gte version:r3.08.10

Trust: 1.0

vendor:yokogawa model:centum vp scope:gte version:r6.01.00

Trust: 1.0

vendor:yokogawa model:centum vp entry class scope:gte version:r5.01.00

Trust: 1.0

vendor:yokogawa model:centum vp entry class scope:gte version:r6.01.00

Trust: 1.0

vendor:yokogawa model:centum vp scope:gte version:r5.01.00

Trust: 1.0

vendor:yokogawa model:exaopc scope:lte version:r3.80.00

Trust: 1.0

vendor:yokogawa model:centum vp entry class scope:gte version:r4.01.00

Trust: 1.0

vendor:yokogawa model:exaopc scope:gte version:r3.72.00

Trust: 1.0

vendor:yokogawa model:centum cs 3000 entry class scope:gte version:r3.08.10

Trust: 1.0

vendor:yokogawa model:centum vp scope:gte version:r4.01.00

Trust: 1.0

vendor:yokogawa model:centum vp entry class scope:lte version:r5.04.20

Trust: 1.0

vendor:yokogawa model:centum vp scope:lte version:r5.04.20

Trust: 1.0

vendor:yokogawa model:centum vp entry class scope:lte version:r6.09.00

Trust: 1.0

vendor:yokogawa model:centum vp scope:lte version:r6.09.00

Trust: 1.0

vendor:横河電機株式会社 model:centum cs 3000 scope: - version: -

Trust: 0.8

vendor:横河電機株式会社 model:exaopc scope: - version: -

Trust: 0.8

vendor:横河電機株式会社 model:centum vp scope: - version: -

Trust: 0.8

vendor:横河電機株式会社 model:b/m9000 cs scope: - version: -

Trust: 0.8

vendor:横河電機株式会社 model:b/m9000 vp scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-001958 // NVD: CVE-2022-30707

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-30707
value: HIGH

Trust: 1.0

OTHER: JVNDB-2022-001958
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202206-2244
value: HIGH

Trust: 0.6

VULHUB: VHN-424307
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-30707
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-424307
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-30707
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-001958
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
attackVector: ADJACENT NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-424307 // JVNDB: JVNDB-2022-001958 // CNNVD: CNNVD-202206-2244 // NVD: CVE-2022-30707

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2022-001958 // NVD: CVE-2022-30707

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202206-2244

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202206-2244

PATCH

title:YSAR-22-0006 url:https://www.yokogawa.co.jp/library/resources/white-papers/yokogawa-security-advisory-report-list/

Trust: 0.8

title:Yokogawa Exaopc Security vulnerabilities url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=199972

Trust: 0.6

sources: JVNDB: JVNDB-2022-001958 // CNNVD: CNNVD-202206-2244

EXTERNAL IDS

db:NVD id:CVE-2022-30707

Trust: 3.4

db:JVN id:JVNVU92819891

Trust: 2.6

db:ICS CERT id:ICSA-22-174-02

Trust: 2.6

db:JVNDB id:JVNDB-2022-001958

Trust: 0.8

db:AUSCERT id:ESB-2022.3072

Trust: 0.6

db:CNNVD id:CNNVD-202206-2244

Trust: 0.6

db:VULHUB id:VHN-424307

Trust: 0.1

db:VULMON id:CVE-2022-30707

Trust: 0.1

sources: VULHUB: VHN-424307 // VULMON: CVE-2022-30707 // JVNDB: JVNDB-2022-001958 // CNNVD: CNNVD-202206-2244 // NVD: CVE-2022-30707

REFERENCES

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-02

Trust: 2.7

url:https://jvn.jp/vu/jvnvu92819891/index.html

Trust: 2.6

url:https://web-material3.yokogawa.com/1/32780/files/ysar-22-0006-e.pdf

Trust: 1.8

url:https://web-material3.yokogawa.com/19/32780/files/ysar-22-0006-j.pdf

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-30707

Trust: 0.8

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-174-02

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3072

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-30707/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-424307 // VULMON: CVE-2022-30707 // JVNDB: JVNDB-2022-001958 // CNNVD: CNNVD-202206-2244 // NVD: CVE-2022-30707

CREDITS

Jacob Baines from Dragos, Inc. reported this vulnerability to Yokogawa.

Trust: 0.6

sources: CNNVD: CNNVD-202206-2244

SOURCES

db:VULHUB id:VHN-424307
db:VULMON id:CVE-2022-30707
db:JVNDB id:JVNDB-2022-001958
db:CNNVD id:CNNVD-202206-2244
db:NVD id:CVE-2022-30707

LAST UPDATE DATE

2024-08-14T14:02:32.374000+00:00


SOURCES UPDATE DATE

db:VULHUB id:VHN-424307 date:2022-07-14T00:00:00
db:VULMON id:CVE-2022-30707 date:2022-06-28T00:00:00
db:JVNDB id:JVNDB-2022-001958 date:2024-06-18T01:55:00
db:CNNVD id:CNNVD-202206-2244 date:2022-07-15T00:00:00
db:NVD id:CVE-2022-30707 date:2023-08-08T14:21:49.707

SOURCES RELEASE DATE

db:VULHUB id:VHN-424307 date:2022-06-28T00:00:00
db:VULMON id:CVE-2022-30707 date:2022-06-28T00:00:00
db:JVNDB id:JVNDB-2022-001958 date:2022-06-23T00:00:00
db:CNNVD id:CNNVD-202206-2244 date:2022-06-23T00:00:00
db:NVD id:CVE-2022-30707 date:2022-06-28T13:15:12.497