CVE-2022-29874

EUVD-2022-34186
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
siemensCNA
8.8 HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
siemens7kg8500-0aa00-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa00-2aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa10-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa10-2aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa30-0aa0_firmware
𝑥
< 3.00
siemens7kg8500-0aa30-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa01-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa01-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa02-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa02-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa11-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa11-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa12-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa12-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa31-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa31-2aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa32-0aa0_firmware
𝑥
< 3.00
siemens7kg8501-0aa32-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa00-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa00-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa10-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa10-2aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa30-0aa0_firmware
𝑥
< 3.00
siemens7kg8550-0aa30-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa01-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa01-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa02-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa02-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa11-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa11-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa12-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa12-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa31-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa31-2aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa32-0aa0_firmware
𝑥
< 3.00
siemens7kg8551-0aa32-2aa0_firmware
𝑥
< 3.00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/html/ssa-165073.html
https://cert-portal.siemens.com/productcert/html/ssa-471761.html
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf