CVE-2022-22806
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
Una CWE-294: se presenta una vulnerabilidad de Omisión de la Autenticación Mediante Captura-repetición que podría causar una conexión no autenticada al SAI cuando se envía una conexión malformada. Producto afectado: Familia SmartConnect: Serie SMT (SMT Series ID=1015: UPS 04.5 y anteriores), Serie SMC (SMC Series ID=1018: UPS 04.2 y anteriores), Serie SMTL (SMTL Series ID=1026: UPS 02.9 y anteriores), Serie SCL (SCL Series ID=1029: UPS 02. 5 y anteriores / SCL Series ID=1030: UPS 02.5 y anteriores / SCL Series ID=1036: UPS 02.5 y anteriores / SCL Series ID=1037: UPS 03.1 y anteriores), SMX Series (SMX Series ID=1031: UPS 03.1 y anteriores)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-07 CVE Reserved
- 2022-03-09 CVE Published
- 2023-09-30 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-294: Authentication Bypass by Capture-replay
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.se.com/ww/en/download/document/SEVD-2022-067-02 | 2022-05-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Schneider-electric Search vendor "Schneider-electric" | Smt Series 1015 Ups Firmware Search vendor "Schneider-electric" for product "Smt Series 1015 Ups Firmware" | <= 04.5 Search vendor "Schneider-electric" for product "Smt Series 1015 Ups Firmware" and version " <= 04.5" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Smt Series 1015 Ups Search vendor "Schneider-electric" for product "Smt Series 1015 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Smc Series 1018 Ups Firmware Search vendor "Schneider-electric" for product "Smc Series 1018 Ups Firmware" | <= 04.2 Search vendor "Schneider-electric" for product "Smc Series 1018 Ups Firmware" and version " <= 04.2" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Smc Series 1018 Ups Search vendor "Schneider-electric" for product "Smc Series 1018 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Smtl Series 1026 Ups Firmware Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups Firmware" | <= 02.9 Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups Firmware" and version " <= 02.9" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Smtl Series 1026 Ups Search vendor "Schneider-electric" for product "Smtl Series 1026 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Scl Series 1029 Ups Firmware Search vendor "Schneider-electric" for product "Scl Series 1029 Ups Firmware" | <= 02.5 Search vendor "Schneider-electric" for product "Scl Series 1029 Ups Firmware" and version " <= 02.5" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Scl Series 1029 Ups Search vendor "Schneider-electric" for product "Scl Series 1029 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Scl Series 1030 Ups Firmware Search vendor "Schneider-electric" for product "Scl Series 1030 Ups Firmware" | <= 02.5 Search vendor "Schneider-electric" for product "Scl Series 1030 Ups Firmware" and version " <= 02.5" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Scl Series 1030 Ups Search vendor "Schneider-electric" for product "Scl Series 1030 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Scl Series 1036 Ups Firmware Search vendor "Schneider-electric" for product "Scl Series 1036 Ups Firmware" | <= 02.5 Search vendor "Schneider-electric" for product "Scl Series 1036 Ups Firmware" and version " <= 02.5" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Scl Series 1036 Ups Search vendor "Schneider-electric" for product "Scl Series 1036 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Scl Series 1037 Ups Firmware Search vendor "Schneider-electric" for product "Scl Series 1037 Ups Firmware" | <= 03.1 Search vendor "Schneider-electric" for product "Scl Series 1037 Ups Firmware" and version " <= 03.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Scl Series 1037 Ups Search vendor "Schneider-electric" for product "Scl Series 1037 Ups" | - | - |
Safe
|
Schneider-electric Search vendor "Schneider-electric" | Smx Series 1031 Ups Firmware Search vendor "Schneider-electric" for product "Smx Series 1031 Ups Firmware" | <= 03.1 Search vendor "Schneider-electric" for product "Smx Series 1031 Ups Firmware" and version " <= 03.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Smx Series 1031 Ups Search vendor "Schneider-electric" for product "Smx Series 1031 Ups" | - | - |
Safe
|