cvelistv5 - cve-2022-40631

CVE-2022-40631 (GCVE-0-2022-40631)

Vulnerability from cvelistv5

Published

2022-10-11 00:00

Modified

2024-08-03 12:21

Severity ?

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Summary

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT (All versions < V5.5.0), SCALANCE X201-3P IRT PRO (All versions < V5.5.0), SCALANCE X202-2IRT (All versions < V5.5.0), SCALANCE X202-2P IRT (All versions < V5.5.0), SCALANCE X202-2P IRT PRO (All versions < V5.5.0), SCALANCE X204-2 (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X204IRT (All versions < V5.5.0), SCALANCE X204IRT PRO (All versions < V5.5.0), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < V5.5.0), SCALANCE XF202-2P IRT (All versions < V5.5.0), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204-2 (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < V5.5.0), SCALANCE XF204IRT (All versions < V5.5.0), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking.

References

URL

Tags

https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf

Impacted products

Vendor

Product

Version

Siemens

SCALANCE X200-4P IRT

Version: All versions < V5.5.0

Siemens	SCALANCE X201-3P IRT	Version: All versions < V5.5.0
Siemens	SCALANCE X201-3P IRT PRO	Version: All versions < V5.5.0
Siemens	SCALANCE X202-2IRT	Version: All versions < V5.5.0
Siemens	SCALANCE X202-2P IRT	Version: All versions < V5.5.0
Siemens	SCALANCE X202-2P IRT PRO	Version: All versions < V5.5.0
Siemens	SCALANCE X204-2	Version: All versions < V5.2.5
Siemens	SCALANCE X204-2FM	Version: All versions < V5.2.5
Siemens	SCALANCE X204-2LD	Version: All versions < V5.2.5
Siemens	SCALANCE X204-2LD TS	Version: All versions < V5.2.5
Siemens	SCALANCE X204-2TS	Version: All versions < V5.2.5
Siemens	SCALANCE X204IRT	Version: All versions < V5.5.0
Siemens	SCALANCE X204IRT PRO	Version: All versions < V5.5.0
Siemens	SCALANCE X206-1	Version: All versions < V5.2.5
Siemens	SCALANCE X206-1LD	Version: All versions < V5.2.5
Siemens	SCALANCE X208	Version: All versions < V5.2.5
Siemens	SCALANCE X208PRO	Version: All versions < V5.2.5
Siemens	SCALANCE X212-2	Version: All versions < V5.2.5
Siemens	SCALANCE X212-2LD	Version: All versions < V5.2.5
Siemens	SCALANCE X216	Version: All versions < V5.2.5
Siemens	SCALANCE X224	Version: All versions < V5.2.5
Siemens	SCALANCE XF201-3P IRT	Version: All versions < V5.5.0
Siemens	SCALANCE XF202-2P IRT	Version: All versions < V5.5.0
Siemens	SCALANCE XF204	Version: All versions < V5.2.5
Siemens	SCALANCE XF204-2	Version: All versions < V5.2.5
Siemens	SCALANCE XF204-2BA IRT	Version: All versions < V5.5.0
Siemens	SCALANCE XF204IRT	Version: All versions < V5.5.0
Siemens	SCALANCE XF206-1	Version: All versions < V5.2.5
Siemens	SCALANCE XF208	Version: All versions < V5.2.5
Siemens	SIPLUS NET SCALANCE X202-2P IRT	Version: All versions < V5.5.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:21:46.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SCALANCE X200-4P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X201-3P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X202-2IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X202-2P IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X204-2FM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X204-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X204-2LD TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X204-2TS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X204IRT PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE X206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X206-1LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X208PRO",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X212-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X212-2LD",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE X224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE XF201-3P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE XF202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE XF204-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE XF204-2BA IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE XF204IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        },
        {
          "product": "SCALANCE XF206-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SCALANCE XF208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.2.5"
            }
          ]
        },
        {
          "product": "SIPLUS NET SCALANCE X202-2P IRT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c V5.5.0), SCALANCE X201-3P IRT (All versions \u003c V5.5.0), SCALANCE X201-3P IRT PRO (All versions \u003c V5.5.0), SCALANCE X202-2IRT (All versions \u003c V5.5.0), SCALANCE X202-2P IRT (All versions \u003c V5.5.0), SCALANCE X202-2P IRT PRO (All versions \u003c V5.5.0), SCALANCE X204-2 (All versions \u003c V5.2.5), SCALANCE X204-2FM (All versions \u003c V5.2.5), SCALANCE X204-2LD (All versions \u003c V5.2.5), SCALANCE X204-2LD TS (All versions \u003c V5.2.5), SCALANCE X204-2TS (All versions \u003c V5.2.5), SCALANCE X204IRT (All versions \u003c V5.5.0), SCALANCE X204IRT PRO (All versions \u003c V5.5.0), SCALANCE X206-1 (All versions \u003c V5.2.5), SCALANCE X206-1LD (All versions \u003c V5.2.5), SCALANCE X208 (All versions \u003c V5.2.5), SCALANCE X208PRO (All versions \u003c V5.2.5), SCALANCE X212-2 (All versions \u003c V5.2.5), SCALANCE X212-2LD (All versions \u003c V5.2.5), SCALANCE X216 (All versions \u003c V5.2.5), SCALANCE X224 (All versions \u003c V5.2.5), SCALANCE XF201-3P IRT (All versions \u003c V5.5.0), SCALANCE XF202-2P IRT (All versions \u003c V5.5.0), SCALANCE XF204 (All versions \u003c V5.2.5), SCALANCE XF204-2 (All versions \u003c V5.2.5), SCALANCE XF204-2BA IRT (All versions \u003c V5.5.0), SCALANCE XF204IRT (All versions \u003c V5.5.0), SCALANCE XF206-1 (All versions \u003c V5.2.5), SCALANCE XF208 (All versions \u003c V5.2.5), SIPLUS NET SCALANCE X202-2P IRT (All versions \u003c V5.5.0). There is a cross-site scripting vulnerability on the affected devices, that if used by a threat actor, it could result in session hijacking."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-11T00:00:00.000Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501891.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-40631",
    "datePublished": "2022-10-11T00:00:00.000Z",
    "dateReserved": "2022-09-13T00:00:00.000Z",
    "dateUpdated": "2024-08-03T12:21:46.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2022-AVI-897

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	Se référer aux bulletins de sécurité de l'éditeur (cf. section Documentation) pour la liste complète des systèmes affectés

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-697140 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-649853 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-552702 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-572005 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-501891 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-568427 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-928782 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-898115 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-384224 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-611756 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-935500 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-955858 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-313313 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-836027 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-360783 du 11 octobre 2022	None	vendor-advisory
Bulletin de sécurité Siemens ssa-258115 du 11 octobre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Se r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur (cf. section Documentation) pour la liste compl\u00e8te des syst\u00e8mes affect\u00e9s",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-41665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41665"
    },
    {
      "name": "CVE-2022-41851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41851"
    },
    {
      "name": "CVE-2022-40179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40179"
    },
    {
      "name": "CVE-2022-40182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40182"
    },
    {
      "name": "CVE-2022-40181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40181"
    },
    {
      "name": "CVE-2022-37864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37864"
    },
    {
      "name": "CVE-2022-31766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31766"
    },
    {
      "name": "CVE-2022-38371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38371"
    },
    {
      "name": "CVE-2022-40177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40177"
    },
    {
      "name": "CVE-2022-40226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40226"
    },
    {
      "name": "CVE-2022-40176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40176"
    },
    {
      "name": "CVE-2022-36362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36362"
    },
    {
      "name": "CVE-2022-40180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40180"
    },
    {
      "name": "CVE-2022-40631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40631"
    },
    {
      "name": "CVE-2022-33139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33139"
    },
    {
      "name": "CVE-2022-40178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40178"
    },
    {
      "name": "CVE-2022-36361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36361"
    },
    {
      "name": "CVE-2022-36363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36363"
    },
    {
      "name": "CVE-2022-40147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40147"
    },
    {
      "name": "CVE-2022-38465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38465"
    },
    {
      "name": "CVE-2022-36360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36360"
    },
    {
      "name": "CVE-2022-40227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40227"
    },
    {
      "name": "CVE-2022-31765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31765"
    }
  ],
  "initial_release_date": "2022-10-11T00:00:00",
  "last_revision_date": "2022-10-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-897",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-10-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697140 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-697140.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-649853 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-649853.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-552702 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-552702.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-572005 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-572005.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-501891 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-501891.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-568427 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-568427.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-928782 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-928782.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-898115 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssb-898115.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-384224 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-384224.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-611756 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-611756.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-935500 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-935500.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-955858 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-955858.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-313313 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-313313.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-836027 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-836027.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-360783 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-360783.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-258115 du 11 octobre 2022",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-258115.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2022-40631 (GCVE-0-2022-40631)

Vulnerability from cvelistv5

CERTFR-2022-AVI-897

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature