CVE-2022-1300
Missing authentication in TRUMPF products may result in corruption of data
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service.
Varias versiones de los productos TRUMPF TruTops exponen una función de servicio sin la autenticación necesaria. La ejecución de esta función puede resultar en un acceso no autorizado a la modificación de datos o a la interrupción de todo el servicio
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-04-11 CVE Reserved
- 2022-05-02 CVE Published
- 2023-11-23 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-306: Missing Authentication for Critical Function
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://cert.vde.com/en/advisories/VDE-2022-016 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trumpf Search vendor "Trumpf" | Trutops Boost Search vendor "Trumpf" for product "Trutops Boost" | >= 13.01 <= 13.05 Search vendor "Trumpf" for product "Trutops Boost" and version " >= 13.01 <= 13.05" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Boost Search vendor "Trumpf" for product "Trutops Boost" | 13.08.21 Search vendor "Trumpf" for product "Trutops Boost" and version "13.08.21" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Fab Search vendor "Trumpf" for product "Trutops Fab" | >= 22.01 <= 22.05 Search vendor "Trumpf" for product "Trutops Fab" and version " >= 22.01 <= 22.05" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Fab Search vendor "Trumpf" for product "Trutops Fab" | 22.08.21 Search vendor "Trumpf" for product "Trutops Fab" and version "22.08.21" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Monitor Search vendor "Trumpf" for product "Trutops Monitor" | >= 22.01 <= 22.05 Search vendor "Trumpf" for product "Trutops Monitor" and version " >= 22.01 <= 22.05" | - |
Affected
| ||||||
| Trumpf Search vendor "Trumpf" | Trutops Monitor Search vendor "Trumpf" for product "Trutops Monitor" | 22.08.21 Search vendor "Trumpf" for product "Trutops Monitor" and version "22.08.21" | - |
Affected
| ||||||