Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2022-25752

Disclosure Date: April 12, 2022
CVE-2022-25752 CVSS v3 Base Score: 9.8
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The webserver of affected devices calculates session ids and nonces in an insecure manner. This could allow an unauthenticated remote attacker to brute-force session ids and hijack existing sessions.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
SCALANCE X302-7 EEC (230V) All versions < V4.1.4
SCALANCE X302-7 EEC (230V, coated) All versions < V4.1.4
SCALANCE X302-7 EEC (24V) All versions < V4.1.4
SCALANCE X302-7 EEC (24V, coated) All versions < V4.1.4
SCALANCE X302-7 EEC (2x 230V) All versions < V4.1.4
SCALANCE X302-7 EEC (2x 230V, coated) All versions < V4.1.4
SCALANCE X302-7 EEC (2x 24V) All versions < V4.1.4
SCALANCE X302-7 EEC (2x 24V, coated) All versions < V4.1.4
SCALANCE X304-2FE All versions < V4.1.4
SCALANCE X306-1LD FE All versions < V4.1.4
SCALANCE X307-2 EEC (230V) All versions < V4.1.4
SCALANCE X307-2 EEC (230V, coated) All versions < V4.1.4
SCALANCE X307-2 EEC (24V) All versions < V4.1.4
SCALANCE X307-2 EEC (24V, coated) All versions < V4.1.4
SCALANCE X307-2 EEC (2x 230V) All versions < V4.1.4
SCALANCE X307-2 EEC (2x 230V, coated) All versions < V4.1.4
SCALANCE X307-2 EEC (2x 24V) All versions < V4.1.4
SCALANCE X307-2 EEC (2x 24V, coated) All versions < V4.1.4
SCALANCE X307-3 All versions < V4.1.4
SCALANCE X307-3 All versions < V4.1.4
SCALANCE X307-3LD All versions < V4.1.4
SCALANCE X307-3LD All versions < V4.1.4
SCALANCE X308-2 All versions < V4.1.4
SCALANCE X308-2 All versions < V4.1.4
SCALANCE X308-2LD All versions < V4.1.4
SCALANCE X308-2LD All versions < V4.1.4
SCALANCE X308-2LH All versions < V4.1.4
SCALANCE X308-2LH All versions < V4.1.4
SCALANCE X308-2LH+ All versions < V4.1.4
SCALANCE X308-2LH+ All versions < V4.1.4
SCALANCE X308-2M All versions < V4.1.4
SCALANCE X308-2M All versions < V4.1.4
SCALANCE X308-2M PoE All versions < V4.1.4
SCALANCE X308-2M PoE All versions < V4.1.4
SCALANCE X308-2M TS All versions < V4.1.4
SCALANCE X308-2M TS All versions < V4.1.4
SCALANCE X310 All versions < V4.1.4
SCALANCE X310 All versions < V4.1.4
SCALANCE X310FE All versions < V4.1.4
SCALANCE X310FE All versions < V4.1.4
SCALANCE X320-1 FE All versions < V4.1.4
SCALANCE X320-1-2LD FE All versions < V4.1.4
SCALANCE X408-2 All versions < V4.1.4
SCALANCE XR324-12M (230V, ports on front) All versions < V4.1.4
SCALANCE XR324-12M (230V, ports on front) All versions < V4.1.4
SCALANCE XR324-12M (230V, ports on rear) All versions < V4.1.4
SCALANCE XR324-12M (230V, ports on rear) All versions < V4.1.4
SCALANCE XR324-12M (24V, ports on front) All versions < V4.1.4
SCALANCE XR324-12M (24V, ports on front) All versions < V4.1.4
SCALANCE XR324-12M (24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-12M (24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-12M TS (24V) All versions < V4.1.4
SCALANCE XR324-12M TS (24V) All versions < V4.1.4
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (24V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (24V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 24V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 24V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M EEC (2x 24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M PoE (230V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M PoE (230V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M PoE (24V, ports on front) All versions < V4.1.4
SCALANCE XR324-4M PoE (24V, ports on rear) All versions < V4.1.4
SCALANCE XR324-4M PoE TS (24V, ports on front) All versions < V4.1.4
SIPLUS NET SCALANCE X308-2 All versions < V4.1.4
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis