CVE-2022-43398

08.11.2022, 11:15

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies.  An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the user's account through the activated session.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
siemens	CNA	7.5 HIGH				CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 40%

Vendor	Product	Version
siemens	7kg9501-0aa01-2aa1_firmware	𝑥 < 2.50
siemens	7kg9501-0aa31-2aa1_firmware	𝑥 < 2.50

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-384 - Session Fixation
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-570294.pdf

https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf