CVE-2022-2338

{"id": "CVE-2022-2338", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2022-08-17T21:15:09.270", "references": [{"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.html", "tags": ["Mitigation", "Vendor Advisory"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-319"}]}], "descriptions": [{"lang": "en", "value": "Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server."}, {"lang": "es", "value": "Softing Secure Integration Server versi\u00f3n V1.22, es vulnerable a una omisi\u00f3n de la autenticaci\u00f3n por medio de un ataque de tipo \"machine-in-the-middle\". Por defecto, la interfaz de administraci\u00f3n es accesible por medio del protocolo HTTP en texto plano, lo que facilita el ataque. La petici\u00f3n HTTP puede contener la cookie de sesi\u00f3n en la petici\u00f3n, que puede ser capturada para su uso en la autenticaci\u00f3n al servidor."}], "lastModified": "2022-08-19T12:36:09.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:softing:edgeaggregator:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E07A55-5FA0-402D-BB22-FA8D3D8C484D"}, {"criteria": "cpe:2.3:a:softing:edgeconnector:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62FE322E-A720-4E08-9058-3BAC295E720B"}, {"criteria": "cpe:2.3:a:softing:opc:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9916828-8213-47D4-B294-8112B241F32C"}, {"criteria": "cpe:2.3:a:softing:opc_ua_c\\+\\+_software_development_kit:6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA185EBD-8048-4B1C-A476-4AE61831ACF7"}, {"criteria": "cpe:2.3:a:softing:secure_integration_server:1.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BF8EC24-9C94-4C55-A496-5DD524B981C4"}, {"criteria": "cpe:2.3:a:softing:uagates:1.74:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DD68DEC-1E1C-456F-8FC2-F3EF9A72B012"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}