ID

VAR-202301-0629


CVE

CVE-2022-43514


TITLE

Siemens Automation License Manager Path Traversal Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2023-02704 // CNNVD: CNNVD-202301-657

DESCRIPTION

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). The affected component does not correctly validate the root path on folder related operations, allowing to modify files and folders outside the intended root directory. This could allow an unauthenticated remote attacker to execute file operations of files outside of the specified root folder. Chained with CVE-2022-43513 this could allow Remote Code Execution. This vulnerability is CVE-2022-43513 And related vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Automation License Manager (ALM) centrally manages license keys for various Siemens software products. Software products that require a license key automatically report this requirement to ALM. When ALM finds a valid license key for this software, it can be used in accordance with the End User License Agreement

Trust: 2.25

sources: NVD: CVE-2022-43514 // JVNDB: JVNDB-2023-001809 // CNVD: CNVD-2023-02704 // VULHUB: VHN-440569

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-02704

AFFECTED PRODUCTS

vendor:siemensmodel:automation license managerscope:eqversion:5.1

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:6.0.9

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:5.2

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:6.0

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:5.0.0

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:5.3.4.4

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:6.0.8

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:5.3

Trust: 1.0

vendor:siemensmodel:automation license managerscope:eqversion:6.0.1

Trust: 1.0

vendor:シーメンスmodel:automation license managerscope: - version: -

Trust: 0.8

vendor:シーメンスmodel:automation license managerscope:eqversion: -

Trust: 0.8

vendor:siemensmodel:automation license managerscope:eqversion:5

Trust: 0.6

vendor:siemensmodel:automation license manager sp9 upd4scope:eqversion:6<6.0

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // NVD: CVE-2022-43514

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-43514
value: CRITICAL

Trust: 1.0

productcert@siemens.com: CVE-2022-43514
value: HIGH

Trust: 1.0

NVD: CVE-2022-43514
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2023-02704
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202301-657
value: CRITICAL

Trust: 0.6

CNVD: CNVD-2023-02704
severity: HIGH
baseScore: 7.3
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 9.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2022-43514
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

productcert@siemens.com: CVE-2022-43514
baseSeverity: HIGH
baseScore: 7.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 5.5
version: 3.1

Trust: 1.0

NVD: CVE-2022-43514
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514 // NVD: CVE-2022-43514

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:Path traversal (CWE-22) [ others ]

Trust: 0.8

sources: VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // NVD: CVE-2022-43514

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202301-657

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202301-657

PATCH

title:SSA-476715url:https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf

Trust: 0.8

title:Patch for Siemens Automation License Manager Path Traversal Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/397256

Trust: 0.6

title:Siemens Automation License Manager Repair measures for path traversal vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=221643

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657

EXTERNAL IDS

db:NVDid:CVE-2022-43514

Trust: 3.9

db:SIEMENSid:SSA-476715

Trust: 2.3

db:SIEMENSid:SSA-556635

Trust: 1.0

db:ICS CERTid:ICSA-23-012-10

Trust: 0.8

db:JVNid:JVNVU90782730

Trust: 0.8

db:JVNDBid:JVNDB-2023-001809

Trust: 0.8

db:CNVDid:CNVD-2023-02704

Trust: 0.6

db:CNNVDid:CNNVD-202301-657

Trust: 0.6

db:VULHUBid:VHN-440569

Trust: 0.1

sources: CNVD: CNVD-2023-02704 // VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/html/ssa-476715.html

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/html/ssa-556635.html

Trust: 1.0

url:https://jvn.jp/vu/jvnvu90782730/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-43514

Trust: 0.8

url:https://www.cisa.gov/news-events/ics-advisories/icsa-23-012-10

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-43514/

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514

SOURCES

db:CNVDid:CNVD-2023-02704
db:VULHUBid:VHN-440569
db:JVNDBid:JVNDB-2023-001809
db:CNNVDid:CNNVD-202301-657
db:NVDid:CVE-2022-43514

LAST UPDATE DATE

2024-08-14T12:19:56.347000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2023-02704date:2023-01-13T00:00:00
db:VULHUBid:VHN-440569date:2023-01-14T00:00:00
db:JVNDBid:JVNDB-2023-001809date:2023-05-16T04:40:00
db:CNNVDid:CNNVD-202301-657date:2023-01-16T00:00:00
db:NVDid:CVE-2022-43514date:2024-04-09T09:15:19.540

SOURCES RELEASE DATE

db:CNVDid:CNVD-2023-02704date:2023-01-13T00:00:00
db:VULHUBid:VHN-440569date:2023-01-10T00:00:00
db:JVNDBid:JVNDB-2023-001809date:2023-05-16T00:00:00
db:CNNVDid:CNNVD-202301-657date:2023-01-10T00:00:00
db:NVDid:CVE-2022-43514date:2023-01-10T12:15:23.277