Common Weakness Enumeration

CWE-330

Discouraged

Use of Insufficiently Random Values

Abstraction: Class · Status: Stable

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

445 vulnerabilities reference this CWE, most recent first.

CVE-2022-36045 (GCVE-0-2022-36045)

Vulnerability from cvelistv5 – Published: 2022-08-31 15:10 – Updated: 2025-04-23 17:47
VLAI
Title
Account takeover via cryptographically weak PRNG in NodeBB Forum
Summary
NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. It utilizes web sockets for instant interactions and real-time notifications. `utils.generateUUID`, a helper function available in essentially all versions of NodeBB (as far back as v1.0.1 and potentially earlier) used a cryptographically insecure Pseudo-random number generator (`Math.random()`), which meant that a specially crafted script combined with multiple invocations of the password reset functionality could enable an attacker to correctly calculate the reset code for an account they do not have access to. This vulnerability impacts all installations of NodeBB. The vulnerability allows for an attacker to take over any account without the involvement of the victim, and as such, the remediation should be applied immediately (either via NodeBB upgrade or cherry-pick of the specific changeset. The vulnerability has been patched in version 2.x and 1.19.x. There is no known workaround, but the patch sets listed above will fully patch the vulnerability.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Use of Insufficiently Random Values
  • CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Assigner
Impacted products
Vendor Product Version
NodeBB NodeBB Affected: < 1.19.8
Affected: = 2.0.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:52:00.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/NodeBB/NodeBB/commit/81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-36045",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:50:29.529253Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T17:47:10.412Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NodeBB",
          "vendor": "NodeBB",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.19.8"
            },
            {
              "status": "affected",
              "version": "= 2.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. It utilizes web sockets for instant interactions and real-time notifications. `utils.generateUUID`, a helper function available in essentially all versions of NodeBB (as far back as v1.0.1 and potentially earlier) used a cryptographically insecure Pseudo-random number generator (`Math.random()`), which meant that a specially crafted script combined with multiple invocations of the password reset functionality could enable an attacker to correctly calculate the reset code for an account they do not have access to. This vulnerability impacts all installations of NodeBB. The vulnerability allows for an attacker to take over any account without the involvement of the victim, and as such, the remediation should be applied immediately (either via NodeBB upgrade or cherry-pick of the specific changeset. The vulnerability has been patched in version 2.x and 1.19.x. There is no known workaround, but the patch sets listed above will fully patch the vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-338",
              "description": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-31T15:10:09.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NodeBB/NodeBB/commit/81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888"
        }
      ],
      "source": {
        "advisory": "GHSA-p4cc-w597-6cpm",
        "discovery": "UNKNOWN"
      },
      "title": "Account takeover via cryptographically weak PRNG in NodeBB Forum",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-36045",
          "STATE": "PUBLIC",
          "TITLE": "Account takeover via cryptographically weak PRNG in NodeBB Forum"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NodeBB",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.19.8"
                          },
                          {
                            "version_value": "= 2.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NodeBB"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "NodeBB Forum Software is powered by Node.js and supports either Redis, MongoDB, or a PostgreSQL database. It utilizes web sockets for instant interactions and real-time notifications. `utils.generateUUID`, a helper function available in essentially all versions of NodeBB (as far back as v1.0.1 and potentially earlier) used a cryptographically insecure Pseudo-random number generator (`Math.random()`), which meant that a specially crafted script combined with multiple invocations of the password reset functionality could enable an attacker to correctly calculate the reset code for an account they do not have access to. This vulnerability impacts all installations of NodeBB. The vulnerability allows for an attacker to take over any account without the involvement of the victim, and as such, the remediation should be applied immediately (either via NodeBB upgrade or cherry-pick of the specific changeset. The vulnerability has been patched in version 2.x and 1.19.x. There is no known workaround, but the patch sets listed above will fully patch the vulnerability."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330: Use of Insufficiently Random Values"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm",
              "refsource": "CONFIRM",
              "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm"
            },
            {
              "name": "https://github.com/NodeBB/NodeBB/commit/81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9",
              "refsource": "MISC",
              "url": "https://github.com/NodeBB/NodeBB/commit/81e3c1ba488d03371a5ce8d0ebb5c5803026e0f9"
            },
            {
              "name": "https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888",
              "refsource": "MISC",
              "url": "https://github.com/NodeBB/NodeBB/commit/e802fab87f94a13f397f04cfe6068f2f7ddf7888"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-p4cc-w597-6cpm",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-36045",
    "datePublished": "2022-08-31T15:10:09.000Z",
    "dateReserved": "2022-07-15T00:00:00.000Z",
    "dateUpdated": "2025-04-23T17:47:10.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-31034 (GCVE-0-2022-31034)

Vulnerability from cvelistv5 – Published: 2022-06-27 19:00 – Updated: 2025-04-23 18:08
VLAI
Title
Insecure entropy in argo-cd
Summary
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact potentially granting an attacker admin access to Argo CD. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
References
Impacted products
Vendor Product Version
argoproj argo-cd Affected: >= 0.11.0, < 2.1.16
Affected: >= 2.2.0, < 2.2.10
Affected: >= 2.3.0, < 2.3.5
Affected: >= 2.4.0, < 2.4.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:03:40.296Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2m7h-86qq-fp4v"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/commit/17f7f4f462bdb233e1b9b36f67099f41052d8cb0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31034",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:52:01.774975Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:08:15.653Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 0.11.0, \u003c 2.1.16"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.2.0, \u003c 2.2.10"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.3.0, \u003c 2.3.5"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.4.0, \u003c 2.4.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact potentially granting an attacker admin access to Argo CD. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-27T19:00:19.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2m7h-86qq-fp4v"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/17f7f4f462bdb233e1b9b36f67099f41052d8cb0"
        }
      ],
      "source": {
        "advisory": "GHSA-2m7h-86qq-fp4v",
        "discovery": "UNKNOWN"
      },
      "title": "Insecure entropy in argo-cd",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31034",
          "STATE": "PUBLIC",
          "TITLE": "Insecure entropy in argo-cd"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "argo-cd",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 0.11.0, \u003c 2.1.16"
                          },
                          {
                            "version_value": "\u003e= 2.2.0, \u003c 2.2.10"
                          },
                          {
                            "version_value": "\u003e= 2.3.0, \u003c 2.3.5"
                          },
                          {
                            "version_value": "\u003e= 2.4.0, \u003c 2.4.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "argoproj"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in parameters in Oauth2/OIDC login flows. In each case, using a relatively-predictable (time-based) seed in a non-cryptographically-secure pseudo-random number generator made the parameter less random than required by the relevant spec or by general best practices. In some cases, using too short a value made the entropy even less sufficient. The attacks on login flows which are meant to be mitigated by these parameters are difficult to accomplish but can have a high impact potentially granting an attacker admin access to Argo CD. Patches for this vulnerability has been released in the following Argo CD versions: v2.4.1, v2.3.5, v2.2.10 and v2.1.16. There are no known workarounds for this vulnerability."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330: Use of Insufficiently Random Values"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2m7h-86qq-fp4v",
              "refsource": "CONFIRM",
              "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2m7h-86qq-fp4v"
            },
            {
              "name": "https://github.com/argoproj/argo-cd/commit/17f7f4f462bdb233e1b9b36f67099f41052d8cb0",
              "refsource": "MISC",
              "url": "https://github.com/argoproj/argo-cd/commit/17f7f4f462bdb233e1b9b36f67099f41052d8cb0"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-2m7h-86qq-fp4v",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31034",
    "datePublished": "2022-06-27T19:00:19.000Z",
    "dateReserved": "2022-05-18T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:08:15.653Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-31008 (GCVE-0-2022-31008)

Vulnerability from cvelistv5 – Published: 2022-10-06 00:00 – Updated: 2025-04-23 16:53
VLAI
Title
Predictable credential obfuscation seed value used in rabbitmq-server
Summary
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Vendor Product Version
rabbitmq rabbitmq-server Affected: < 3.8.32
Affected: >= 3.9.0, < 3.9.18
Affected: >= 3.10.0, < 3.10.2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:03:40.269Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-v9gv-xp36-jgj8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rabbitmq/rabbitmq-server/pull/4841"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31008",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:56:54.582490Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T16:53:12.123Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "rabbitmq-server",
          "vendor": "rabbitmq",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.8.32"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.9.0, \u003c 3.9.18"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.10.0, \u003c 3.10.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-11T00:00:00.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-v9gv-xp36-jgj8"
        },
        {
          "url": "https://github.com/rabbitmq/rabbitmq-server/pull/4841"
        }
      ],
      "source": {
        "advisory": "GHSA-v9gv-xp36-jgj8",
        "discovery": "UNKNOWN"
      },
      "title": "Predictable credential obfuscation seed value used in rabbitmq-server"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31008",
    "datePublished": "2022-10-06T00:00:00.000Z",
    "dateReserved": "2022-05-18T00:00:00.000Z",
    "dateUpdated": "2025-04-23T16:53:12.123Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-29035 (GCVE-0-2022-29035)

Vulnerability from cvelistv5 – Published: 2022-04-11 18:12 – Updated: 2024-08-03 06:10
VLAI
Summary
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
References
Impacted products
Vendor Product Version
JetBrains Ktor Affected: 2.0.0 , < 2.0.0 (custom)
Create a notification for this product.
Credits
Dan Wallach
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:10:58.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ktorio/ktor/pull/2776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Native"
          ],
          "product": "Ktor",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2.0.0",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Dan Wallach"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren\u0027t using SecureRandom implementations"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-11T18:12:35.000Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ktorio/ktor/pull/2776"
        }
      ],
      "source": {
        "defect": [
          "KTOR-3656"
        ],
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@jetbrains.com",
          "ID": "CVE-2022-29035",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Ktor",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Native",
                            "version_affected": "\u003c",
                            "version_name": "2.0.0",
                            "version_value": "2.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "JetBrains"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Dan Wallach"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren\u0027t using SecureRandom implementations"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330: Use of Insufficiently Random Values"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.jetbrains.com/privacy-security/issues-fixed/",
              "refsource": "MISC",
              "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
            },
            {
              "name": "https://github.com/ktorio/ktor/pull/2776",
              "refsource": "MISC",
              "url": "https://github.com/ktorio/ktor/pull/2776"
            }
          ]
        },
        "source": {
          "defect": [
            "KTOR-3656"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2022-29035",
    "datePublished": "2022-04-11T18:12:43.000Z",
    "dateReserved": "2022-04-11T00:00:00.000Z",
    "dateUpdated": "2024-08-03T06:10:58.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26851 (GCVE-0-2022-26851)

Vulnerability from cvelistv5 – Published: 2022-04-08 19:50 – Updated: 2024-09-16 16:58
VLAI
Summary
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
References
Impacted products
Vendor Product Version
Dell PowerScale OneFS Affected: unspecified , < 8.2.x, 9.0.0.x, 9.1.0.x, 9.1.1.x (Super Tubes), 9.2.0.x (Empire), 9.2.1.x (Flying Scotsman), 9.3.0.x (Gotham), (custom)
Create a notification for this product.
Date Public
2022-04-04 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:18:37.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PowerScale OneFS",
          "vendor": "Dell",
          "versions": [
            {
              "lessThan": "8.2.x, 9.0.0.x, 9.1.0.x, 9.1.1.x (Super Tubes), 9.2.0.x (Empire), 9.2.1.x (Flying Scotsman), 9.3.0.x (Gotham),",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-04-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-08T19:50:30.000Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@dell.com",
          "DATE_PUBLIC": "2022-04-04",
          "ID": "CVE-2022-26851",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PowerScale OneFS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "8.2.x, 9.0.0.x, 9.1.0.x, 9.1.1.x (Super Tubes), 9.2.0.x (Empire), 9.2.1.x (Flying Scotsman), 9.3.0.x (Gotham),"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Dell"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 9.1,
            "baseSeverity": "Critical",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330: Use of Insufficiently Random Values"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities",
              "refsource": "MISC",
              "url": "https://www.dell.com/support/kbdoc/en-us/000197991/dell-emc-powerscale-onefs-security-update-for-multiple-component-vulnerabilities"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2022-26851",
    "datePublished": "2022-04-08T19:50:30.796Z",
    "dateReserved": "2022-03-10T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:58:03.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26647 (GCVE-0-2022-26647)

Vulnerability from cvelistv5 – Published: 2022-07-12 10:06 – Updated: 2025-04-21 13:52
VLAI
Summary
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204-2 (All versions < V5.2.6), SCALANCE X204-2FM (All versions < V5.2.6), SCALANCE X204-2LD (All versions < V5.2.6), SCALANCE X204-2LD TS (All versions < V5.2.6), SCALANCE X204-2TS (All versions < V5.2.6), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE X206-1 (All versions < V5.2.6), SCALANCE X206-1LD (All versions < V5.2.6), SCALANCE X208 (All versions < V5.2.6), SCALANCE X208PRO (All versions < V5.2.6), SCALANCE X212-2 (All versions < V5.2.6), SCALANCE X212-2LD (All versions < V5.2.6), SCALANCE X216 (All versions < V5.2.6), SCALANCE X224 (All versions < V5.2.6), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204 (All versions < V5.2.6), SCALANCE XF204-2 (All versions < V5.2.6), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SCALANCE XF206-1 (All versions < V5.2.6), SCALANCE XF208 (All versions < V5.2.6). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
Impacted products
Vendor Product Version
Siemens SCALANCE X200-4P IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X201-3P IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X201-3P IRT PRO Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X202-2IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X202-2P IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X202-2P IRT PRO Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X204-2 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X204-2FM Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X204-2LD Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X204-2LD TS Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X204-2TS Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X204IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X204IRT PRO Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE X206-1 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X206-1LD Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X208 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X208PRO Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X212-2 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X212-2LD Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X216 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE X224 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE XF201-3P IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE XF202-2P IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE XF204 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE XF204-2 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE XF204-2BA IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE XF204IRT Affected: All versions < V5.5.2
Create a notification for this product.
Siemens SCALANCE XF206-1 Affected: All versions < V5.2.6
Create a notification for this product.
Siemens SCALANCE XF208 Affected: All versions < V5.2.6
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:11:43.345Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-26647",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T15:23:11.211353Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-21T13:52:17.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X200-4P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X201-3P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X202-2P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2FM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2LD TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204-2TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X204IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X206-1LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X208PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X212-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE X224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT PRO (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT PRO (All versions \u003c V5.5.2), SCALANCE X204-2 (All versions \u003c V5.2.6), SCALANCE X204-2FM (All versions \u003c V5.2.6), SCALANCE X204-2LD (All versions \u003c V5.2.6), SCALANCE X204-2LD TS (All versions \u003c V5.2.6), SCALANCE X204-2TS (All versions \u003c V5.2.6), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT PRO (All versions \u003c V5.5.2), SCALANCE X206-1 (All versions \u003c V5.2.6), SCALANCE X206-1LD (All versions \u003c V5.2.6), SCALANCE X208 (All versions \u003c V5.2.6), SCALANCE X208PRO (All versions \u003c V5.2.6), SCALANCE X212-2 (All versions \u003c V5.2.6), SCALANCE X212-2LD (All versions \u003c V5.2.6), SCALANCE X216 (All versions \u003c V5.2.6), SCALANCE X224 (All versions \u003c V5.2.6), SCALANCE XF201-3P IRT (All versions \u003c V5.5.2), SCALANCE XF202-2P IRT (All versions \u003c V5.5.2), SCALANCE XF204 (All versions \u003c V5.2.6), SCALANCE XF204-2 (All versions \u003c V5.2.6), SCALANCE XF204-2BA IRT (All versions \u003c V5.5.2), SCALANCE XF204IRT (All versions \u003c V5.5.2), SCALANCE XF206-1 (All versions \u003c V5.2.6), SCALANCE XF208 (All versions \u003c V5.2.6). The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T09:02:19.204Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-26647",
    "datePublished": "2022-07-12T10:06:32.000Z",
    "dateReserved": "2022-03-07T00:00:00.000Z",
    "dateUpdated": "2025-04-21T13:52:17.065Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26080 (GCVE-0-2022-26080)

Vulnerability from cvelistv5 – Published: 2023-03-16 12:53 – Updated: 2025-02-26 15:04
VLAI
Title
Easily guessable session ID's in NE843 Pulsar Plus Controller
Summary
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
ABB
Impacted products
Vendor Product Version
ABB Pulsar Plus System Controller NE843_S Affected: comcode 150042936
Create a notification for this product.
ABB Infinity DC Power Plant Affected: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415
Create a notification for this product.
Credits
We acknowledge the help of Vlad Ionescu of Facebook Red Team X for reports on the vulnerabilities described in this document.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:56:37.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A6732\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.256117643.1223066510.1678942947-1879524908.1677751217"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-26080",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T15:03:52.076460Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T15:04:35.413Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Pulsar Plus System Controller NE843_S ",
          "vendor": "ABB",
          "versions": [
            {
              "status": "affected",
              "version": "comcode 150042936"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Infinity DC Power Plant",
          "vendor": "ABB",
          "versions": [
            {
              "status": "affected",
              "version": "H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) \u2013 comcode 150047415"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "We acknowledge the help of Vlad Ionescu of Facebook Red Team X for reports on the vulnerabilities described in this document."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.\u003cp\u003eThis issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) \u2013 comcode 150047415.\u003c/p\u003e"
            }
          ],
          "value": "Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) \u2013 comcode 150047415.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-16T12:53:29.530Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A6732\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.256117643.1223066510.1678942947-1879524908.1677751217"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Easily guessable session ID\u0027s in NE843 Pulsar Plus Controller",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2022-26080",
    "datePublished": "2023-03-16T12:53:29.530Z",
    "dateReserved": "2022-02-28T10:03:33.399Z",
    "dateUpdated": "2025-02-26T15:04:35.413Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-26071 (GCVE-0-2022-26071)

Vulnerability from cvelistv5 – Published: 2022-05-05 16:23 – Updated: 2024-09-17 00:26
VLAI
Summary
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
f5
References
Impacted products
Vendor Product Version
F5 BIG-IP Affected: 12.1.x
Affected: 11.6.x
Unaffected: 17.0.0 , < 17.0.x* (custom)
Affected: 16.1.x , < 16.1.2.2 (custom)
Affected: 15.1.x , < 15.1.5.1 (custom)
Affected: 14.1.x , < 14.1.4.6 (custom)
Affected: 13.1.x , < 13.1.5 (custom)
Create a notification for this product.
Date Public
2022-05-04 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:56:37.741Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K41440465"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP",
          "vendor": "F5",
          "versions": [
            {
              "status": "affected",
              "version": "12.1.x"
            },
            {
              "status": "affected",
              "version": "11.6.x"
            },
            {
              "lessThan": "17.0.x*",
              "status": "unaffected",
              "version": "17.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1.2.2",
              "status": "affected",
              "version": "16.1.x",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1.5.1",
              "status": "affected",
              "version": "15.1.x",
              "versionType": "custom"
            },
            {
              "lessThan": "14.1.4.6",
              "status": "affected",
              "version": "14.1.x",
              "versionType": "custom"
            },
            {
              "lessThan": "13.1.5",
              "status": "affected",
              "version": "13.1.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-05-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-05T16:23:09.000Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K41440465"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "DATE_PUBLIC": "2022-05-04T14:00:00.000Z",
          "ID": "CVE-2022-26071",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "17.0.x",
                            "version_value": "17.0.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "16.1.x",
                            "version_value": "16.1.2.2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "15.1.x",
                            "version_value": "15.1.5.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "14.1.x",
                            "version_value": "14.1.4.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "13.1.x",
                            "version_value": "13.1.5"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "12.1.x",
                            "version_value": "12.1.x"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "11.6.x",
                            "version_value": "11.6.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "F5"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330 Use of Insufficiently Random Values"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K41440465",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K41440465"
            }
          ]
        },
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2022-26071",
    "datePublished": "2022-05-05T16:23:09.931Z",
    "dateReserved": "2022-04-19T00:00:00.000Z",
    "dateUpdated": "2024-09-17T00:26:30.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-25752 (GCVE-0-2022-25752)

Vulnerability from cvelistv5 – Published: 2022-04-12 09:07 – Updated: 2024-08-03 04:49
VLAI
Summary
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.
Severity
No CVSS data available.
CWE
  • CWE-330 - Use of Insufficiently Random Values
Assigner
References
Impacted products
Vendor Product Version
Siemens SCALANCE X302-7 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X302-7 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X304-2FE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X306-1LD FE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (230V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (24V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (2x 230V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (2x 230V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (2x 24V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-2 EEC (2x 24V, coated) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-3 Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X307-3LD Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2LD Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2LH Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2LH+ Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2M Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2M PoE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X308-2M TS Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X310 Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X310FE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X320-1 FE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X320-1-2LD FE Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE X408-2 Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-12M (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-12M (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-12M (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-12M (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-12M TS (24V) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (2x 24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M EEC (2x 24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M PoE (230V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M PoE (230V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M PoE (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M PoE (24V, ports on rear) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SCALANCE XR324-4M PoE TS (24V, ports on front) Affected: All versions < V4.1.4
Create a notification for this product.
Siemens SIPLUS NET SCALANCE X308-2 Affected: All versions < V4.1.4
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:49:43.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SCALANCE X302-7 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X302-7 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X304-2FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X306-1LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (2x 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (2x 230V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (2x 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-2 EEC (2x 24V, coated)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X307-3LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LH",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2LH+",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X308-2M TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X310",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X310FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X320-1 FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X320-1-2LD FE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE X408-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-12M TS (24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M PoE (230V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M PoE (230V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M PoE (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M PoE (24V, ports on rear)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        },
        {
          "product": "SIPLUS NET SCALANCE X308-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330: Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-12T09:07:46.000Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2022-25752",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SCALANCE X302-7 EEC (230V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (230V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (24V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (2x 230V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (2x 230V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (2x 24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X302-7 EEC (2x 24V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X304-2FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X306-1LD FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (230V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (230V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (24V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (2x 230V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (2x 230V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (2x 24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-2 EEC (2x 24V, coated)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-3",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-3LD",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X307-3LD",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LD",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LD",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LH",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LH",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LH+",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2LH+",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M PoE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M PoE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M TS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X308-2M TS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X310",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X310",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X310FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X310FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X320-1 FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X320-1-2LD FE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE X408-2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (230V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (230V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (230V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (230V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M (24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M TS (24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-12M TS (24V)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M EEC (2x 24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M PoE (230V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M PoE (230V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M PoE (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M PoE (24V, ports on rear)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SCALANCE XR324-4M PoE TS (24V, ports on front)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIPLUS NET SCALANCE X308-2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V4.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-330: Use of Insufficiently Random Values"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-836527.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-25752",
    "datePublished": "2022-04-12T09:07:46.000Z",
    "dateReserved": "2022-02-22T00:00:00.000Z",
    "dateUpdated": "2024-08-03T04:49:43.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-3959 (GCVE-0-2022-3959)

Vulnerability from cvelistv5 – Published: 2022-11-11 00:00 – Updated: 2025-04-15 13:16
VLAI
Title
drogon Session Hash small space of random values
Summary
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version 1.8.2 is able to address this issue. The name of the patch is c0d48da99f66aaada17bcd28b07741cac8697647. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213464.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-330 - Insufficiently Random Values -> CWE-331 Insufficient Entropy -> CWE-334 Small Space of Random Values
Assigner
Impacted products
Vendor Product Version
unspecified drogon Affected: 1.8.0
Affected: 1.8.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:27:53.071Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/drogonframework/drogon/pull/1433"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/drogonframework/drogon/releases/tag/v1.8.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/drogonframework/drogon/commit/c0d48da99f66aaada17bcd28b07741cac8697647"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.213464"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-3959",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T17:05:45.544107Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T13:16:00.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "drogon",
          "vendor": "unspecified",
          "versions": [
            {
              "status": "affected",
              "version": "1.8.0"
            },
            {
              "status": "affected",
              "version": "1.8.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1. Affected by this issue is some unknown functionality of the component Session Hash Handler. The manipulation leads to small space of random values. The attack may be launched remotely. Upgrading to version 1.8.2 is able to address this issue. The name of the patch is c0d48da99f66aaada17bcd28b07741cac8697647. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-213464."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "CWE-330 Insufficiently Random Values -\u003e CWE-331 Insufficient Entropy -\u003e CWE-334 Small Space of Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-11T00:00:00.000Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "url": "https://github.com/drogonframework/drogon/pull/1433"
        },
        {
          "url": "https://github.com/drogonframework/drogon/releases/tag/v1.8.2"
        },
        {
          "url": "https://github.com/drogonframework/drogon/commit/c0d48da99f66aaada17bcd28b07741cac8697647"
        },
        {
          "url": "https://vuldb.com/?id.213464"
        }
      ],
      "title": "drogon Session Hash small space of random values",
      "x_generator": "vuldb.com"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2022-3959",
    "datePublished": "2022-11-11T00:00:00.000Z",
    "dateReserved": "2022-11-11T00:00:00.000Z",
    "dateUpdated": "2025-04-15T13:16:00.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design
  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Implementation

Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.

Mitigation MIT-2
Architecture and Design Requirements

Strategy: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").

CAPEC-112: Brute Force

In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.

CAPEC-485: Signature Spoofing by Key Recreation

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

CAPEC-59: Session Credential Falsification through Prediction

This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.