Lucene search

[email protected]CVE-2022-3281

HistoryOct 17, 2022 - 9:15 a.m.

CVE-2022-3281

2022-10-1709:15:00

CWE-440

[email protected]

web.nvd.nist.gov

wago

pfc100

pfc200

touch panel 600

cc100

edge controller

mac-address-filter

bypass

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.3%

JSON

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.

CPENameOperatorVersion
wago:750-8100_firmwarewago 750-8100 firmwarele03.10.08\(22\)
wago:750-8101_firmwarewago 750-8101 firmwarele03.10.08\(22\)
wago:750-8101\/000-010_firmwarewago 750-8101\/000-010 firmwarele03.10.08\(22\)
wago:750-8101\/025-000_firmwarewago 750-8101\/025-000 firmwarele03.10.08\(22\)
wago:750-8102_firmwarewago 750-8102 firmwarele03.10.08\(22\)
wago:750-8102\/025-000_firmwarewago 750-8102\/025-000 firmwarele03.10.08\(22\)
wago:750-8202\/000-011_firmwarewago 750-8202\/000-011 firmwarele03.10.08\(22\)
wago:750-8202\/000-012_firmwarewago 750-8202\/000-012 firmwarele03.10.08\(22\)
wago:750-8202\/000-022_firmwarewago 750-8202\/000-022 firmwarele03.10.08\(22\)
wago:750-8206_firmwarewago 750-8206 firmwarele03.10.08\(22\)

CPE	Name	Operator	Version
wago:750-8100_firmware	wago 750-8100 firmware	le	03.10.08\(22\)
wago:750-8101_firmware	wago 750-8101 firmware	le	03.10.08\(22\)
wago:750-8101\/000-010_firmware	wago 750-8101\/000-010 firmware	le	03.10.08\(22\)
wago:750-8101\/025-000_firmware	wago 750-8101\/025-000 firmware	le	03.10.08\(22\)
wago:750-8102_firmware	wago 750-8102 firmware	le	03.10.08\(22\)
wago:750-8102\/025-000_firmware	wago 750-8102\/025-000 firmware	le	03.10.08\(22\)
wago:750-8202\/000-011_firmware	wago 750-8202\/000-011 firmware	le	03.10.08\(22\)
wago:750-8202\/000-012_firmware	wago 750-8202\/000-012 firmware	le	03.10.08\(22\)
wago:750-8202\/000-022_firmware	wago 750-8202\/000-022 firmware	le	03.10.08\(22\)
wago:750-8206_firmware	wago 750-8206 firmware	le	03.10.08\(22\)

Rows per page:

1-10 of 781

References

cert.vde.com/en/advisories/VDE-2022-042/

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.3%

JSON

Related for CVE-2022-3281

cvelist1 nessus1 prion1