CVE-2022-22511 - OpenCVE

Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been compromised.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Wago	752-8303\/8000-002 750-8102 750-8101 762-5205\/8000-001 762-6304\/8000-002 Firmware 752-8303\/8000-002 Firmware 762-5206\/8000-001 762-5305\/8000-002 750-8102 Firmware 750-8202\/000-022 750-82 Firmware 750-8202\/000-012 Firmware 762-6301\/8000-002 750-8202\/000-022 Firmware 762-5206\/8000-001 Firmware 762-4206\/8000-002 750-8102\/025-000 Firmware 750-8202\/025-001 762-5306\/8000-002 Firmware 750-8202\/025-000 Firmware 762-6303\/8000-002 762-6302\/8000-002 750-8202\/025-000 762-5305\/8000-002 Firmware 750-8202 750-8100 750-8202\/000-012 762-4306\/8000-002 Firmware 750-8202\/025-001 Firmware 750-8101 Firmware 762-5205\/8000-001 Firmware 762-6301\/8000-002 Firmware 750-82 762-5306\/8000-002 762-4206\/8000-002 Firmware 762-4306\/8000-002 750-8202 Firmware 762-6302\/8000-002 Firmware 762-6303\/8000-002 Firmware 751-9301 762-6304\/8000-002 762-4205\/8000-002 762-4305\/8000-002 Firmware 751-9301 Firmware 762-4305\/8000-002 762-4205\/8000-002 Firmware 750-8101\/025-000 Firmware 750-8100 Firmware 750-8102\/025-000

Configuration 1 [-]

AND

cpe:2.3:o:wago:750-8100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:wago:750-8101_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8101:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:wago:750-8102_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8102:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:wago:751-9301_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:751-9301:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:wago:750-8202_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:wago:762-4205\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-4205\/8000-002:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:wago:762-4206\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-4206\/8000-002:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:wago:762-4305\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-4305\/8000-002:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:wago:762-4306\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-4306\/8000-002:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:wago:762-5205\/8000-001_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-5205\/8000-001:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:wago:762-5206\/8000-001_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-5206\/8000-001:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:wago:762-5305\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-5305\/8000-002:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:wago:762-5306\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-5306\/8000-002:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:wago:762-6301\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-6301\/8000-002:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:wago:762-6302\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-6302\/8000-002:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:wago:762-6303\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-6303\/8000-002:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:wago:762-6304\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:762-6304\/8000-002:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:wago:750-8102\/025-000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8102\/025-000:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:wago:750-8101\/025-000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8102\/025-000:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:wago:750-82_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-82:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:wago:750-8202\/000-012_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202\/000-012:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:wago:750-8202\/000-022_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202\/000-022:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:wago:750-8202\/025-001_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202\/025-001:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:wago:750-8202\/025-000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202\/025-000:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:wago:752-8303\/8000-002_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:752-8303\/8000-002:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert.vde.com/en/advisories/VDE-2022-004/	Mitigation Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2022-03-09T00:00:00

Updated: 2022-03-09T19:38:43

Reserved: 2022-01-03T00:00:00

Link: CVE-2022-22511

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-09T20:15:08.367

Modified: 2022-03-18T13:49:51.770

Link: CVE-2022-22511

JSON object: View

Redhat Information

No data.

CWE

CWE-79