CVE-2022-46144
CVSS V2 None
CVSS V3 None
Description
A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.
Overview
- CVE ID
- CVE-2022-46144
- Assigner
- productcert@siemens.com
- Vulnerability Status
- Modified
- Published Version
- 2022-12-13T16:15:25
- Last Modified Date
- 2023-04-11T10:15:17
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| AND | ||||
| cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5646-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | 3.0 |
| cpe:2.3:h:siemens:6gk5646-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5622-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5622-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5626-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5626-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5632-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5632-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5636-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5636-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5642-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5642-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR | ||
| AND | ||||
| cpe:2.3:o:siemens:6gk5646-2gs00-2ac2_firmware:*:*:*:*:*:*:*:* | 1 | OR | 2.3 | |
| cpe:2.3:h:siemens:6gk5646-2gs00-2ac2:-:*:*:*:*:*:*:* | 0 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-46144 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46144 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-13 16:18:30 | Added to TrackCVE | |||
| 2022-12-13 17:22:03 | 2022-12-13T16:15:25.200 | 2022-12-13T16:15:25 | CVE Published Date | updated |
| 2022-12-13 17:22:03 | 2022-12-13T17:15:17 | CVE Modified Date | updated | |
| 2022-12-13 17:22:03 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2022-12-13 17:22:03 | A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive. | A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive. | Description | updated |
| 2022-12-15 16:18:07 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2022-12-15 21:13:58 | 2022-12-15T20:34:29 | CVE Modified Date | updated | |
| 2022-12-15 21:13:58 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2022-12-15 21:13:58 | NVD-CWE-Other | Weakness Enumeration | new | |
| 2022-12-15 21:13:59 | CPE Information | updated | ||
| 2023-03-14 12:14:51 | 2023-03-14T10:15:25 | CVE Modified Date | updated | |
| 2023-03-14 12:14:51 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-03-14 12:14:56 | Weakness Enumeration | update | ||
| 2023-04-11 12:14:09 | 2023-04-11T10:15:17 | CVE Modified Date | updated | |
| 2023-04-11 12:14:13 | A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive. | A vulnerability has been identified in SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= 2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= 2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= 2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= 2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= 2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= 2.3 < V3.0). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive. | Description | updated |