CVE-2022-3184

CVSS V2 None CVSS V3 None
Description
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory.
Overview
  • CVE ID
  • CVE-2022-3184
  • Assigner
  • ics-cert@hq.dhs.gov
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-21T23:15:09
  • Last Modified Date
  • 2022-12-28T19:13:30
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:dataprobe:iboot-pdu4-n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu4-n20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu4sa-n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu4sa-n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu4a-n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu4a-n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu4sa-n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu4sa-n20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu4a-n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu4a-n20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8sa-n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8sa-n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8a-n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8a-n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8sa-2n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8sa-2n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8a-2n15_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8a-2n15:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8sa-n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8sa-n20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8a-n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8a-n20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:dataprobe:iboot-pdu8a-2n20_firmware:*:*:*:*:*:*:*:* 1 OR 1.42.06162022
cpe:2.3:h:dataprobe:iboot-pdu8a-2n20:-:*:*:*:*:*:*:* 0 OR
References
History
Created Old Value New Value Data Type Notes
2022-12-22 00:15:42 Added to TrackCVE
2022-12-22 00:15:42 Weakness Enumeration new
2022-12-22 04:16:52 2022-12-22T03:55:54 CVE Modified Date updated
2022-12-22 04:16:52 Received Awaiting Analysis Vulnerability Status updated
2022-12-22 19:15:44 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-28 19:14:48 2022-12-28T19:13:30 CVE Modified Date updated
2022-12-28 19:14:48 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-28 19:14:51 CPE Information updated