CVE-2022-1805 - OpenCVE

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Teradici	Tera2 Pcoip Zero Client Firmware Tera2 Pcoip Zero Client

Configuration 1 [-]

AND

OR	cpe:2.3:o:teradici:tera2_pcoip_zero_client_firmware::::::::
	cpe:2.3:o:teradici:tera2_pcoip_zero_client_firmware:22.04:::::::*

cpe:2.3:h:teradici:tera2_pcoip_zero_client:-:*:*:*:*:*:*:*

References

Link	Resource
https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hp

Published: 2022-07-28T14:21:09

Updated: 2022-07-28T14:21:09

Reserved: 2022-05-20T00:00:00

Link: CVE-2022-1805

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-07-28T15:15:07.553

Modified: 2022-08-05T02:12:52.913

Link: CVE-2022-1805

JSON object: View

Redhat Information

No data.

CWE

CWE-295

{"containers": {"cna": {"affected": [{"product": "Tera2 Zero Client", "vendor": "n/a", "versions": [{"status": "affected", "version": "Firmware version 22.04 and earlier"}]}], "descriptions": [{"lang": "en", "value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."}], "problemTypes": [{"descriptions": [{"description": "Man in the Middle Attack", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-28T14:21:09", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2022-1805", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Tera2 Zero Client", "version": {"version_data": [{"version_value": "Firmware version 22.04 and earlier"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Man in the Middle Attack"}]}]}, "references": {"reference_data": [{"name": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794", "refsource": "MISC", "url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"}]}}}}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2022-1805", "datePublished": "2022-07-28T14:21:09", "dateReserved": "2022-05-20T00:00:00", "dateUpdated": "2022-07-28T14:21:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:teradici:tera2_pcoip_zero_client_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BDC5949-06FB-493B-BA9C-CA37BC611F28", "versionEndExcluding": "22.01.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:teradici:tera2_pcoip_zero_client_firmware:22.04:*:*:*:*:*:*:*", "matchCriteriaId": "652204B8-1CF6-4A8B-8D29-EACFA05BA212", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:teradici:tera2_pcoip_zero_client:-:*:*:*:*:*:*:*", "matchCriteriaId": "91376750-D525-48A7-B775-6DFB7953C05D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client."}, {"lang": "es", "value": "Cuando es conectado a Amazon Workspaces, el SHA256 presentado por el aprovisionador de conexiones de AWS no es verificado completamente por Zero Clients. El problema podr\u00eda ser explotado por un adversario que coloque un MITM (Man in the Middle) entre un cliente cero y el aprovisionador de sesiones de AWS en la red. Este problema s\u00f3lo es aplicable cuando es conectado a un espacio de trabajo de Amazon desde un cliente cero PCoIP"}], "id": "CVE-2022-1805", "lastModified": "2022-08-05T02:12:52.913", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-28T15:15:07.553", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hp.com/us-en/document/ish_6545906-6545930-16/hpsbhf03794"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}