ID

VAR-202301-0629


CVE

CVE-2022-43514


TITLE

Siemens Automation License Manager Path Traversal Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2023-02704 // CNNVD: CNNVD-202301-657

DESCRIPTION

A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4), TeleControl Server Basic V3 (All versions < V3.1.2). The affected component does not correctly validate the root path on folder-related operations, allowing modification of files and folders outside the intended root directory. This could allow an unauthenticated remote attacker to execute file operations on files outside of the specified root folder. Chained with CVE-2022-43513 this could allow Remote Code Execution. This vulnerability is related to CVE-2022-43513. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The Automation License Manager (ALM) centrally manages license keys for various Siemens software products. Software products that require a license key automatically report this requirement to ALM. When ALM finds a valid license key for this software, it can be used in accordance with the End User License Agreement.

Trust: 2.25

sources: NVD: CVE-2022-43514 // JVNDB: JVNDB-2023-001809 // CNVD: CNVD-2023-02704 // VULHUB: VHN-440569

IOT TAXONOMY

category: ['ICS']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-02704

AFFECTED PRODUCTS

vendor: siemens
model: automation license manager
scope: eq
version: 5.3.4.4

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 6.0.8

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 5.2

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 6.0.9

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 5.0.0

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 6.0

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 6.0.1

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 5.1

Trust: 1.0

vendor: siemens
model: automation license manager
scope: eq
version: 5.3

Trust: 1.0

vendor: Siemens
model: automation license manager
scope: -
version: -

Trust: 0.8

vendor: Siemens
model: automation license manager
scope: eq
version: -

Trust: 0.8

vendor: siemens
model: automation license manager
scope: eq
version: 5

Trust: 0.6

vendor: siemens
model: automation license manager sp9 upd4
scope: eq
version: 6<6.0

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // NVD: CVE-2022-43514

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2022-43514
value: CRITICAL

Trust: 1.8

productcert@siemens.com: CVE-2022-43514
value: HIGH

Trust: 1.0

CNVD: CNVD-2023-02704
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202301-657
value: CRITICAL

Trust: 0.6

CNVD: CNVD-2023-02704
severity: HIGH
baseScore: 7.3
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 9.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

NVD:
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

productcert@siemens.com:
baseSeverity: HIGH
baseScore: 7.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 5.5
version: 3.1

Trust: 1.0

NVD: CVE-2022-43514
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514 // NVD: CVE-2022-43514

PROBLEMTYPE DATA

problemtype: CWE-22

Trust: 1.1

problemtype: Path traversal (CWE-22) [ others ]

Trust: 0.8

sources: VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // NVD: CVE-2022-43514

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202301-657

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202301-657

CONFIGURATIONS

sources: NVD: CVE-2022-43514

PATCH

title: SSA-476715
url: https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf

Trust: 0.8

title: Patch for Siemens Automation License Manager Path Traversal Vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/397256

Trust: 0.6

title: Siemens Automation License Manager repair measures for path traversal vulnerabilities
url: http://123.124.177.30/web/xxk/bdxqbyid.tag?id=221643

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657

EXTERNAL IDS

db: NVD
id: CVE-2022-43514

Trust: 3.9

db: SIEMENS
id: SSA-476715

Trust: 2.3

db: SIEMENS
id: SSA-556635

Trust: 1.0

db: ICS CERT
id: ICSA-23-012-10

Trust: 0.8

db: JVN
id: JVNVU90782730

Trust: 0.8

db: JVNDB
id: JVNDB-2023-001809

Trust: 0.8

db: CNVD
id: CNVD-2023-02704

Trust: 0.6

db: CNNVD
id: CNNVD-202301-657

Trust: 0.6

db: VULHUB
id: VHN-440569

Trust: 0.1

sources: CNVD: CNVD-2023-02704 // VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514

REFERENCES

url: https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf

Trust: 1.7

url: https://cert-portal.siemens.com/productcert/html/ssa-476715.html

Trust: 1.6

url: https://cert-portal.siemens.com/productcert/html/ssa-556635.html

Trust: 1.0

url: https://jvn.jp/vu/jvnvu90782730/index.html

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2022-43514

Trust: 0.8

url: https://www.cisa.gov/news-events/ics-advisories/icsa-23-012-10

Trust: 0.8

url: https://cxsecurity.com/cveshow/cve-2022-43514/

Trust: 0.6

sources: CNVD: CNVD-2023-02704 // VULHUB: VHN-440569 // JVNDB: JVNDB-2023-001809 // CNNVD: CNNVD-202301-657 // NVD: CVE-2022-43514

SOURCES

db: CNVD, id: CNVD-2023-02704
db: VULHUB, id: VHN-440569
db: JVNDB, id: JVNDB-2023-001809
db: CNNVD, id: CNNVD-202301-657
db: NVD, id: CVE-2022-43514

LAST UPDATE DATE

2024-04-19T21:02:29.529000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2023-02704, date: 2023-01-13T00:00:00
db: VULHUB, id: VHN-440569, date: 2023-01-14T00:00:00
db: JVNDB, id: JVNDB-2023-001809, date: 2023-05-16T04:40:00
db: CNNVD, id: CNNVD-202301-657, date: 2023-01-16T00:00:00
db: NVD, id: CVE-2022-43514, date: 2024-04-09T09:15:19.540

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2023-02704, date: 2023-01-13T00:00:00
db: VULHUB, id: VHN-440569, date: 2023-01-10T00:00:00
db: JVNDB, id: JVNDB-2023-001809, date: 2023-05-16T00:00:00
db: CNNVD, id: CNNVD-202301-657, date: 2023-01-10T00:00:00
db: NVD, id: CVE-2022-43514, date: 2023-01-10T12:15:23.277