CVE-2022-22512 - OpenCVE

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Varta	One Xl One L Element S1 Firmware Element Backup Firmware Element Backup Element S2 Firmware Element S3 Firmware One Xl Firmware One L Firmware Pulse Firmware Element S2 Element S4 Firmware Element S4 Pulse Element S3 Element S1

Configuration 1 [-]

AND

cpe:2.3:o:varta:element_backup_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:element_backup:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:varta:element_s1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:element_s1:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:varta:element_s2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:element_s2:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:varta:element_s3_firmware::::::::
	cpe:2.3:o:varta:element_s3_firmware::::::::

cpe:2.3:h:varta:element_s3:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:varta:element_s4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:element_s4:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:varta:one_l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:one_l:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:varta:one_xl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:one_xl:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:varta:pulse_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:varta:pulse:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert.vde.com/en/advisories/VDE-2022-061/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2023-03-23T05:32:16.285Z

Updated: 2023-05-23T06:06:45.925Z

Reserved: 2022-01-03T22:35:36.934Z

Link: CVE-2022-22512

JSON object: View

NVD Information

Status : Modified

Published: 2023-03-23T06:15:12.367

Modified: 2023-05-23T07:15:09.060

Link: CVE-2022-22512

JSON object: View

Redhat Information

No data.

CWE

CWE-798

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-22512", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2022-01-03T22:35:36.934Z", "datePublished": "2023-03-23T05:32:16.285Z", "dateUpdated": "2023-05-23T06:06:45.925Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Element backup", "vendor": "VARTA Storage", "versions": [{"lessThan": "F21000400", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S1", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.3.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S2", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.3.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S2", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.3.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S3", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.3.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S3", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.4.4.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Element S4", "vendor": "VARTA Storage", "versions": [{"lessThan": "D21010400", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "One L/XL", "vendor": "VARTA Storage", "versions": [{"lessThan": "2e.3.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Pulse (not pulse neo)", "vendor": "VARTA Storage", "versions": [{"lessThan": "C21010800", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Andreas Dolp"}, {"lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "CERT@VDE"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network."}], "value": "Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network."}], "impacts": [{"capecId": "CAPEC-150", "descriptions": [{"lang": "en", "value": "CAPEC-150 Collect Data from Common Resource Locations"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-05-23T06:06:45.925Z"}, "references": [{"url": "https://cert.vde.com/en/advisories/VDE-2022-061/"}], "source": {"advisory": "VDE-2022-061", "defect": ["CERT@VDE#64092"], "discovery": "EXTERNAL"}, "title": "VARTA: Multiple devices prone to hard-coded credentials", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:element_backup_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B8FFA7A-1C91-4C5B-A1E0-F057A1B83B90", "versionEndExcluding": "f21000400", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:element_backup:-:*:*:*:*:*:*:*", "matchCriteriaId": "18A32228-1E64-4F09-B8EA-F122F7F8EFBA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:element_s1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D85D801-4958-4949-B8C1-8CF486B463E8", "versionEndExcluding": "2e.3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:element_s1:-:*:*:*:*:*:*:*", "matchCriteriaId": "19031686-7D24-408D-9144-1286C2C288B7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:element_s2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1AB1110-6B20-46CD-81EE-C893D02FED70", "versionEndExcluding": "2e.3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:element_s2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9BCEA27-93B4-4D04-8E2A-4A0CC4EA725E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:element_s3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E3B1FD3-CFA7-4585-B58F-DE3C67C952B5", "versionEndExcluding": "2e.3.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:varta:element_s3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "290140CE-3093-42D1-8060-A1DF88695CE9", "versionEndExcluding": "2e.4.4.0", "versionStartIncluding": "2e.4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:element_s3:-:*:*:*:*:*:*:*", "matchCriteriaId": "67ACACF9-DBAF-4C23-AD99-2966BC9DE24A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:element_s4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29167A22-1E33-4DD8-BD6D-9046F6D11394", "versionEndExcluding": "d21010400", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:element_s4:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A2E6700-E663-4F91-8F2C-2D543A5B074D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:one_l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "99BB655C-9E6E-4373-9B87-1A012DFAFACB", "versionEndExcluding": "2e.3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:one_l:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FE9CF95-00C5-4913-9BFE-B57F1014FE7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:one_xl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "79C4C11C-02D8-4580-A2F6-23A7FD861CB7", "versionEndExcluding": "2e.3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:one_xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CFDDC29-1017-4404-B7F1-2B935A3C44CD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:varta:pulse_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "025EF312-0B07-4553-8AF7-EEDD80A65FC1", "versionEndExcluding": "c21010800", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:varta:pulse:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4E8517B-A421-44E3-850E-DD8D7C9A63FE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network."}], "id": "CVE-2022-22512", "lastModified": "2023-05-23T07:15:09.060", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Secondary"}]}, "published": "2023-03-23T06:15:12.367", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en/advisories/VDE-2022-061/"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "info@cert.vde.com", "type": "Primary"}]}