CVE-2022-23176 - OpenCVE

WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Watchguard	Fireware

Configuration 1 [-]

OR	cpe:2.3:o:watchguard:fireware::::::::
	cpe:2.3:o:watchguard:fireware::::::::
	cpe:2.3:o:watchguard:fireware:12.1.3:-::::::
	cpe:2.3:o:watchguard:fireware:12.1.3:u1::::::
	cpe:2.3:o:watchguard:fireware:12.1.3:u2::::::
	cpe:2.3:o:watchguard:fireware:12.5.7:-::::::
	cpe:2.3:o:watchguard:fireware:12.5.7:u1::::::
	cpe:2.3:o:watchguard:fireware:12.5.7:u2::::::
	cpe:2.3:o:watchguard:fireware:12.7.2:-::::::

References

Link	Resource
https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/	Third Party Advisory
https://securityportal.watchguard.com	Vendor Advisory
https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html	Release Notes Vendor Advisory
https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html	Release Notes Vendor Advisory
https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-02-24T00:52:48

Updated: 2022-04-08T02:22:03

Reserved: 2022-01-12T00:00:00

Link: CVE-2022-23176

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-02-24T15:15:28.447

Modified: 2023-08-08T14:21:49.707

Link: CVE-2022-23176

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-08T02:22:03", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://securityportal.watchguard.com"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"}, {"tags": ["x_refsource_MISC"], "url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23176", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://securityportal.watchguard.com", "refsource": "MISC", "url": "https://securityportal.watchguard.com"}, {"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html", "refsource": "CONFIRM", "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"}, {"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html", "refsource": "MISC", "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"}, {"name": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html", "refsource": "MISC", "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"}, {"name": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/", "refsource": "MISC", "url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23176", "datePublished": "2022-02-24T00:52:48", "dateReserved": "2022-01-12T00:00:00", "dateUpdated": "2022-04-08T02:22:03", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"cisaActionDue": "2022-05-02", "cisaExploitAdd": "2022-04-11", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "WatchGuard Firebox and XTM Privilege Escalation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7C2E450-C7DC-40F4-928C-2323428E4DF4", "versionEndExcluding": "12.1.3", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6F1E4F7-F27A-4155-AE19-BFD52439E730", "versionEndExcluding": "12.5.7", "versionStartIncluding": "12.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*", "matchCriteriaId": "0F3E6444-AA30-4F87-AB97-12601CEDF14E", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*", "matchCriteriaId": "48106213-C927-4232-A95F-4E6962E72BF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*", "matchCriteriaId": "EB0676CA-E9BF-4CB8-99D2-7FA0ACC711EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:-:*:*:*:*:*:*", "matchCriteriaId": "C41626A1-91D4-4C45-9399-EB45DBD62492", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:u1:*:*:*:*:*:*", "matchCriteriaId": "9C03747F-6726-4D2A-A888-25B592549ED0", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.5.7:u2:*:*:*:*:*:*", "matchCriteriaId": "E7170909-0964-4229-8DD6-304CEBFEEA32", "vulnerable": true}, {"criteria": "cpe:2.3:o:watchguard:fireware:12.7.2:-:*:*:*:*:*:*", "matchCriteriaId": "CA32519C-7B8B-4270-BBAD-7CAFAD28AA5E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3."}, {"lang": "es", "value": "Los dispositivos WatchGuard Firebox y XTM permiten que un atacante remoto con credenciales no privilegiadas acceda al sistema con una sesi\u00f3n de gesti\u00f3n privilegiada a trav\u00e9s del acceso de gesti\u00f3n expuesto. Esta vulnerabilidad afecta al sistema operativo Fireware antes de la versi\u00f3n 12.7.2_U1, 12.x antes de la versi\u00f3n 12.1.3_U3, y 12.2.x hasta 12.5.x antes de la versi\u00f3n 12.5.7_U3"}], "id": "CVE-2022-23176", "lastModified": "2023-08-08T14:21:49.707", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-24T15:15:28.447", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://arstechnica.com/information-technology/2022/04/watchguard-failed-to-disclose-critical-flaw-exploited-by-russian-hackers/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://securityportal.watchguard.com"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_1_3_U7/index.html#Fireware/en-US/resolved_issues.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7/index.html#Fireware/en-US/resolved_issues.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.watchguard.com/support/release-notes/fireware/12/en-US/EN_ReleaseNotes_Fireware_12_7_2/index.html#Fireware/en-US/resolved_issues.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}