ID

VAR-202211-0343


CVE

CVE-2022-30694


TITLE

Cross-site request forgery vulnerability in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2022-020602

DESCRIPTION

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack. simatic s7-1500 software controller , SIMATIC S7-PLCSIM Advanced , simatic wincc runtime A cross-site request forgery vulnerability exists in multiple Siemens products.Information may be obtained. SIMATIC Drive Controllers are designed for the automation of production machines, combining the functions of SIMATIC S7-1500 CPU and SINAMICS S120 drive control. SIMATIC PC Station is a software component for managing SIMATIC software products and interfaces on PCs. SIMATIC S7-1200 CPUs and SIMATIC S7-1500 CPUs have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-1500 Software Controller is a SIMATIC software controller for pc-based automation solutions. SIMATIC S7-300 controllers and SIMATIC S7-400 controllers have been designed for discrete and continuous control in industrial environments such as manufacturing, food and beverage, and the global chemical industry. SIMATIC S7-PLCSIM Advanced simulates S7-1200, S7-1500 and some other PLC derivatives. Includes full network access to simulated PLCs, even in virtual environments. SIMATIC WinAC RTX is a SIMATIC software controller for pc-based automation solutions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SINUMERIK ONE is a digitally native CNC with integrated SIMATIC S7-1500 CPU for automation. SIPLUS extreme products are designed for reliable operation under extreme conditions, based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware as the products on which they are based

Trust: 2.25

sources: NVD: CVE-2022-30694 // JVNDB: JVNDB-2022-020602 // CNVD: CNVD-2022-75547 // VULHUB: VHN-422285

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-75547

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 15pro-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518hf-4scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510sp-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517tf-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513r-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214 fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-400 pn\/dp v6scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7317-2ek14-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dp mfpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1510spscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7154-8fb01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511tf-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7317-7tk10-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:6es7154-8ab01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1317-2ek14-7ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:6es7315-2eh14-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1314-6eh04-7ab0scope:ltversion:3.3.19

Trust: 1.0

vendor:siemensmodel:6ag1151-8fb01-2ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517f-3 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1317-2fk14-2ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516f-3 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518tf-4scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512sp-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7151-8fb01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:6es7318-3fl01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516pro fscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3 dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515r-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1315-2fj14-2ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinumerik onescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516t-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1217cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic wincc runtimescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7154-8fx00-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic pcsscope:lteversion:2.1

Trust: 1.0

vendor:siemensmodel:6es7318-3el01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1315-2eh14-7ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507sscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 15prof-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1504d tfscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7317-7ul10-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512c-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-400 pn\/dp v7scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-plcsim advancedscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515tf-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513prof-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518f-4 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515t-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511c-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1507s fscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7317-2fk14-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511f-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513f-1 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6ag1151-8ab01-7ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1211cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508sscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215 fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1215cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1513-1 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516tf-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1508s fscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7314-6eh04-0ab0scope:ltversion:3.3.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515-2 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1515f-2 pnscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3 pn\/dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518t-4scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511f-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7151-8ab01-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic drive controller cpu 1507d tfscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1212fcscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7315-2fj14-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1518-4 dpscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511t-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512spf-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:6es7315-7tj10-0ab0scope:ltversion:3.2.19

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu cpu 1513pro-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 151511c-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 12 1214cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1516-3scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511cscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1517-3scope:eqversion: -

Trust: 1.0

vendor:シーメンスmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7317-2fk14-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7154-8fb01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6ag1151-8ab01-7ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6ag1151-8fb01-2ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic wincc runtimescope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7317-7ul10-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7151-8ab01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7315-7tj10-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7318-3el01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7318-3fl01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7154-8fx00-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7154-8ab01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7151-8fb01-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7317-2ek14-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7317-7tk10-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7315-2eh14-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7314-6eh04-0ab0scope: - version: -

Trust: 0.8

vendor:シーメンスmodel:6es7315-2fj14-0ab0scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic wincc runtime advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic drive controller familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:sinumerik onescope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200pro im154-8 pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic et 200pro im154-8f pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic et 200pro im154-8fx pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic et 200s im151-8 pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic et 200s im151-8f pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic pc stationscope:gteversion:2.1

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 314c-2 pn/dpscope:ltversion:3.3.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu pn/dpscope:eqversion:315-2<3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 315f-2 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 315t-3 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu pn/dpscope:eqversion:317-2<3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 317f-2 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 317t-3 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 317tf-3 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu pn/dpscope:eqversion:319-3<3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-300 cpu 319f-3 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pn/dp cpu familyscope:eqversion:v6

Trust: 0.6

vendor:siemensmodel:simatic s7-400 pn/dp cpu familyscope:eqversion:v7

Trust: 0.6

vendor:siemensmodel:siplus et 200s im151-8 pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:siplus et 200s im151-8f pn/dp cpuscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:siplus s7-300 cpu 314c-2 pn/dpscope:ltversion:3.3.19

Trust: 0.6

vendor:siemensmodel:siplus s7-300 cpu pn/dpscope:eqversion:315-2<3.2.19

Trust: 0.6

vendor:siemensmodel:siplus s7-300 cpu 315f-2 pn/dpscope:ltversion:3.2.19

Trust: 0.6

vendor:siemensmodel:siplus s7-300 cpu pn/dpscope:eqversion:317-2<3.2.19

Trust: 0.6

vendor:siemensmodel:siplus s7-300 cpu 317f-2 pn/dpscope:ltversion:3.2.19

Trust: 0.6

sources: CNVD: CNVD-2022-75547 // JVNDB: JVNDB-2022-020602 // NVD: CVE-2022-30694

CVSS

SEVERITY

CVSSV2

CVSSV3

productcert@siemens.com: CVE-2022-30694
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2022-30694
value: LOW

Trust: 1.0

OTHER: JVNDB-2022-020602
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2022-75547
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202211-2266
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2022-75547
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

productcert@siemens.com: CVE-2022-30694
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2022-30694
baseSeverity: LOW
baseScore: 3.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.1
impactScore: 1.4
version: 3.1

Trust: 1.0

OTHER: JVNDB-2022-020602
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2022-75547 // JVNDB: JVNDB-2022-020602 // CNNVD: CNNVD-202211-2266 // NVD: CVE-2022-30694 // NVD: CVE-2022-30694

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.1

problemtype:Cross-site request forgery (CWE-352) [ others ]

Trust: 0.8

sources: VULHUB: VHN-422285 // JVNDB: JVNDB-2022-020602 // NVD: CVE-2022-30694

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202211-2266

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-202211-2266

PATCH

title:Patch for Cross Site Request Forgery Vulnerability in Several Siemens Productsurl:https://www.cnvd.org.cn/patchInfo/show/360331

Trust: 0.6

title:Siemens SIMATIC Drive Controller Fixes for cross-site request forgery vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=232927

Trust: 0.6

sources: CNVD: CNVD-2022-75547 // CNNVD: CNNVD-202211-2266

EXTERNAL IDS

db:NVDid:CVE-2022-30694

Trust: 3.9

db:SIEMENSid:SSA-478960

Trust: 3.1

db:ICS CERTid:ICSA-22-314-02

Trust: 0.8

db:JVNid:JVNVU93762879

Trust: 0.8

db:JVNDBid:JVNDB-2022-020602

Trust: 0.8

db:CNVDid:CNVD-2022-75547

Trust: 0.7

db:CNNVDid:CNNVD-202211-2266

Trust: 0.6

db:VULHUBid:VHN-422285

Trust: 0.1

sources: CNVD: CNVD-2022-75547 // VULHUB: VHN-422285 // JVNDB: JVNDB-2022-020602 // CNNVD: CNNVD-202211-2266 // NVD: CVE-2022-30694

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf

Trust: 2.5

url:https://jvn.jp/vu/jvnvu93762879/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-30694

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-02

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/html/ssa-478960.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/siemens-simatic-cross-site-request-forgery-via-login-page-39863

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-30694/

Trust: 0.6

sources: CNVD: CNVD-2022-75547 // VULHUB: VHN-422285 // JVNDB: JVNDB-2022-020602 // CNNVD: CNNVD-202211-2266 // NVD: CVE-2022-30694

SOURCES

db:CNVDid:CNVD-2022-75547
db:VULHUBid:VHN-422285
db:JVNDBid:JVNDB-2022-020602
db:CNNVDid:CNNVD-202211-2266
db:NVDid:CVE-2022-30694

LAST UPDATE DATE

2024-08-14T12:44:38.027000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2022-75547date:2022-11-09T00:00:00
db:VULHUBid:VHN-422285date:2023-01-10T00:00:00
db:JVNDBid:JVNDB-2022-020602date:2023-11-02T08:05:00
db:CNNVDid:CNNVD-202211-2266date:2023-04-12T00:00:00
db:NVDid:CVE-2022-30694date:2023-04-11T10:15:14.597

SOURCES RELEASE DATE

db:CNVDid:CNVD-2022-75547date:2022-11-09T00:00:00
db:VULHUBid:VHN-422285date:2022-11-08T00:00:00
db:JVNDBid:JVNDB-2022-020602date:2023-11-02T00:00:00
db:CNNVDid:CNNVD-202211-2266date:2022-11-08T00:00:00
db:NVDid:CVE-2022-30694date:2022-11-08T11:15:10.413