CVE-2022-3089 - OpenCVE

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Echelon	Smartserver I.lon Vision

Configuration 1 [-]

AND

cpe:2.3:a:echelon:i.lon_vision:2.2:*:*:*:*:*:*:*

cpe:2.3:h:echelon:smartserver:2.2:*:*:*:*:*:*:*

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2023-02-13T16:28:57.920Z

Updated:

Reserved: 2022-09-01T18:57:05.237Z

Link: CVE-2022-3089

JSON object: View

NVD Information

Status : Modified

Published: 2023-02-13T17:15:10.763

Modified: 2023-11-07T03:50:46.437

Link: CVE-2022-3089

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-3089", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2022-09-01T18:57:05.237Z", "datePublished": "2023-02-13T16:28:57.920Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Smartserver", "vendor": "EnOcean", "versions": [{"status": "affected", "version": " v2.2 SR8/SP8 (4.12.006) with i.LON Vision v2.2 SR8/SP8 (4.12.006)"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Chizuru Toyama of Trend Micro reported this vulnerability to CISA."}], "datePublic": "2023-02-07T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n\n\n<span style=\"background-color: rgb(255, 255, 255);\">Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. </span>\n\n </span>\n\n"}], "value": "\n\n\n\n\nEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. \n\n \n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-02-13T16:28:57.920Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p></p>\n\n<p>EnOcean Edge released <a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes\">SmartServer 3.5 Update 2 (v3.52.003)</a>. </p><p>For additional mitigations and workarounds, users should refer to EnOcean\u2019s <a target=\"_blank\" rel=\"nofollow\" href=\"https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1484465/Enhancing+Security\">hardening guide</a></p>"}], "value": "\n\n\n\n\nEnOcean Edge released SmartServer 3.5 Update 2 (v3.52.003) https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes . \n\nFor additional mitigations and workarounds, users should refer to EnOcean\u2019s hardening guide https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1484465/Enhancing+Security \n\n"}], "source": {"advisory": "ICSA-23-037-01", "discovery": "EXTERNAL"}, "title": "EnOcean SmartServer Hard-coded credentials", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:echelon:i.lon_vision:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "50970A8A-CC8A-49DA-96EB-18C2E92E4420", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:echelon:smartserver:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1685E1B3-A7F7-4E0F-9BFB-C0CC09739D2B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\n\n\n\n\nEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server. \n\n \n\n"}], "id": "CVE-2022-3089", "lastModified": "2023-11-07T03:50:46.437", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.5, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-02-13T17:15:10.763", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Broken Link"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-037-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}