CVE-2022-29874

A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
siemensCNA
8.8 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
VendorProductVersion
siemens7kg8500-0aa00-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa00-2aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa10-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa10-2aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa30-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa30-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa01-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa01-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa02-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa02-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa11-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa11-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa12-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa12-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa31-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa31-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa32-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa32-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa00-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa00-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa10-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa10-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa30-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa30-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa01-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa01-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa02-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa02-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa11-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa11-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa12-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa12-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa31-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa31-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa32-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa32-2aa0_firmware
𝑥
< 3.00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-165073.html
https://cert-portal.siemens.com/productcert/html/ssa-471761.html
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf