CVE-2022-3073
CVSS V2 None
CVSS V3 None
Description
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is '*-schema.js'.
Overview
- CVE ID
- CVE-2022-3073
- Assigner
- info@cert.vde.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-14T09:15:09
- Last Modified Date
- 2022-12-16T17:43:10
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
AND | ||||
cpe:2.3:o:weidmueller:19_iot_md01_lan_h4_s0011_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:weidmueller:19_iot_md01_lan_h4_s0011:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:fp_iot_md01_4eu_s2_00000_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:weidmueller:fp_iot_md01_4eu_s2_00000:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00000_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00000:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00011_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00011:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:fp_iot_md02_4eu_s3_00000_firmware:-:*:*:*:*:*:*:* | 1 | OR | ||
cpe:2.3:h:weidmueller:fp_iot_md02_4eu_s3_00000:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:iot-gw30_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.16.0 | |
cpe:2.3:h:weidmueller:iot-gw30:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.16.0 | |
cpe:2.3:h:weidmueller:iot-gw30-4g-eu:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.16.0 | |
cpe:2.3:h:weidmueller:uc20-wl2000-ac:-:*:*:*:*:*:*:* | 0 | OR | ||
AND | ||||
cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:*:*:*:*:*:*:*:* | 1 | OR | 1.16.0 | |
cpe:2.3:h:weidmueller:uc20-wl2000-iot:-:*:*:*:*:*:*:* | 0 | OR |
References
Reference URL | Reference Tags |
---|---|
https://cert.vde.com/de/advisories/VDE-2022-056/ |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-3073 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3073 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2022-12-14 09:16:52 | Added to TrackCVE | |||
2022-12-14 14:15:29 | 2022-12-14T09:15:09.163 | 2022-12-14T09:15:09 | CVE Published Date | updated |
2022-12-14 14:15:29 | 2022-12-14T14:09:52 | CVE Modified Date | updated | |
2022-12-14 14:15:29 | Received | Awaiting Analysis | Vulnerability Status | updated |
2022-12-18 04:35:28 | 2022-12-16T17:43:10 | CVE Modified Date | updated | |
2022-12-18 04:35:29 | Awaiting Analysis | Analyzed | Vulnerability Status | updated |
2022-12-18 04:35:41 | CPE Information | updated |