Details of VAR-202210-1882

ID

VAR-202210-1882

CVE

CVE-2022-38744

TITLE

Rockwell Automation of FactoryTalk Alarms and Events Authentication vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-020022

DESCRIPTION

An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML. Rockwell Automation of FactoryTalk Alarms and Events There is an authentication vulnerability in.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-38744 // JVNDB: JVNDB-2022-020022 // VULHUB: VHN-434518

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	factorytalk alarms and events	scope:	eq	version:	-	Trust: 1.0
vendor:	rockwell automation	model:	factorytalk alarms and events	scope:	-	version:	-	Trust: 0.8
vendor:	rockwell automation	model:	factorytalk alarms and events	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-020022 // NVD: CVE-2022-38744

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-38744
value:	HIGH
Trust: 1.0
PSIRT@rockwellautomation.com:	CVE-2022-38744
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-38744
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202210-2369
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-38744
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-38744
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-020022 // CNNVD: CNNVD-202210-2369 // NVD: CVE-2022-38744 // NVD: CVE-2022-38744

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.1
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-434518 // JVNDB: JVNDB-2022-020022 // NVD: CVE-2022-38744

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-2369

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202210-2369

PATCH

title:

Rockwell Automation FactoryTalk Alarm and Events Server Remediation measures for authorization problem vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=212341

Trust: 0.6

sources: CNNVD: CNNVD-202210-2369

EXTERNAL IDS

db:	NVD	id:	CVE-2022-38744	Trust: 3.3
db:	ICS CERT	id:	ICSA-22-300-01	Trust: 0.8
db:	JVN	id:	JVNVU94803886	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-020022	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.5424	Trust: 0.6
db:	CNNVD	id:	CNNVD-202210-2369	Trust: 0.6
db:	VULHUB	id:	VHN-434518	Trust: 0.1

sources: VULHUB: VHN-434518 // JVNDB: JVNDB-2022-020022 // CNNVD: CNNVD-202210-2369 // NVD: CVE-2022-38744

REFERENCES

url:	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136876	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-38744	Trust: 1.4
url:	https://jvn.jp/vu/jvnvu94803886/	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-300-01	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-38744/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5424	Trust: 0.6

sources: VULHUB: VHN-434518 // JVNDB: JVNDB-2022-020022 // CNNVD: CNNVD-202210-2369 // NVD: CVE-2022-38744

SOURCES

db:	VULHUB	id:	VHN-434518
db:	JVNDB	id:	JVNDB-2022-020022
db:	CNNVD	id:	CNNVD-202210-2369
db:	NVD	id:	CVE-2022-38744

LAST UPDATE DATE

2024-08-14T13:24:28.135000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-434518	date:	2022-10-31T00:00:00
db:	JVNDB	id:	JVNDB-2022-020022	date:	2023-10-30T08:21:00
db:	CNNVD	id:	CNNVD-202210-2369	date:	2022-11-01T00:00:00
db:	NVD	id:	CVE-2022-38744	date:	2023-11-07T03:50:14.327

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-434518	date:	2022-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2022-020022	date:	2023-10-30T00:00:00
db:	CNNVD	id:	CNNVD-202210-2369	date:	2022-10-27T00:00:00
db:	NVD	id:	CVE-2022-38744	date:	2022-10-27T14:15:10.777