CVE-2022-2967 - OpenCVE

Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Prosysopc	Ua Modbus Server Ua Simulation Server

Configuration 1 [-]

OR	cpe:2.3:a:prosysopc:ua_modbus_server::::::::
	cpe:2.3:a:prosysopc:ua_simulation_server::::::::

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01	Patch Third Party Advisory US Government Resource
https://www.prosysopc.com/blog/#Security	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2023-01-03T21:24:21.098Z

Updated:

Reserved: 2022-08-23T15:17:49.768Z

Link: CVE-2022-2967

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-01-03T22:15:11.757

Modified: 2023-01-10T16:38:23.107

Link: CVE-2022-2967

JSON object: View

Redhat Information

No data.

CWE

CWE-522

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-2967", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-08-23T15:17:49.768Z", "datePublished": "2023-01-03T21:24:21.098Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "UA Simulation Server", "vendor": "Prosys OPC", "versions": [{"lessThan": "5.3.0-64", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "UA Modbus Server", "vendor": "Prosys OPC", "versions": [{"lessThanOrEqual": "1.4.18-5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Parvin Kumar, Dr. Sriharsha Etigowni, and Prof. Dongyan Xu of Purdue University West Lafayette reported this vulnerability to CISA."}], "datePublic": "2022-12-15T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-01-03T21:24:21.098Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"url": "https://www.prosysopc.com/blog/#Security"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Prosys has released updates for the following products:<br>\u2022 UA Simulation Server: Update to v5.4.0<br>\u2022 UA Modbus Server: Update to 1.4.20<br><br>"}], "value": "Prosys has released updates for the following products:\n\u2022 UA Simulation Server: Update to v5.4.0\n\u2022 UA Modbus Server: Update to 1.4.20\n\n"}], "source": {"advisory": "ICSA-22-349-01", "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:</p>\n\n<ul><li>Restart the application after modifying user passwords.</li>\n</ul><p>For more information, users can refer to the Prosys OPC <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.prosysopc.com/blog/#Security\">security blog</a><span style=\"background-color: var(--wht);\">.</span></p>"}], "value": "Prosys also recommends additional workarounds to mitigate exploitation of this vulnerability:\n\n\n\n * Restart the application after modifying user passwords.\n\n\n\nFor more information, users can refer to the Prosys OPC security blog https://www.prosysopc.com/blog/#Security .\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:prosysopc:ua_modbus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBD45F09-929C-4DFC-844D-3AC4E00F4F66", "versionEndExcluding": "1.4.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:prosysopc:ua_simulation_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C7B35D9-620E-45A2-8717-91ACD9FFB3FD", "versionEndExcluding": "5.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data."}, {"lang": "es", "value": "La versi\u00f3n del servidor de simulaci\u00f3n Prosys OPC UA anterior a la v5.3.0-64 y las versiones del UA Modbus Server 1.4.18-5 y anteriores no protegen suficientemente las credenciales, lo que podr\u00eda permitir a un atacante obtener credenciales de usuario y acceder a los datos del sistema."}], "id": "CVE-2022-2967", "lastModified": "2023-01-10T16:38:23.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-01-03T22:15:11.757", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Vendor Advisory"], "url": "https://www.prosysopc.com/blog/#Security"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}