CVE-2022-39158

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-39158
Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-459643.pdf Patch Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-787941.pdf
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*
OR cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rs416pv2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rs900_\(32m\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rs900g_\(32m\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2100_\(32m\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2022-09-13 10:15

Updated : 2023-11-14 11:15

NVD link : CVE-2022-39158

Mitre link : CVE-2022-39158

CVE.ORG link : CVE-2022-39158

JSON object : View

Products Affected

siemens

  • ruggedcom_rmc8388
  • ruggedcom_rsg2300p
  • ruggedcom_rst916c
  • ruggedcom_rsg2488
  • ruggedcom_rs900_\(32m\)
  • ruggedcom_rsg909r
  • ruggedcom_ros
  • ruggedcom_rs416v2
  • ruggedcom_rs900g_\(32m\)
  • ruggedcom_rs416pv2
  • ruggedcom_rsg920p
  • ruggedcom_rsg907r
  • ruggedcom_rsl910
  • ruggedcom_rst2228
  • ruggedcom_rsg2300
  • ruggedcom_rsg908c
  • ruggedcom_rsg2288
  • ruggedcom_rst916p
  • ruggedcom_rst2228p
  • ruggedcom_rsg910c
  • ruggedcom_rsg2100_\(32m\)
CWE
CWE-400

Uncontrolled Resource Consumption