CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-31810

A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.2%

CVSS Severity

CVSS v3 Score 7.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf

Products affected by CVE-2022-31810

Siemens » Sipass Integrated » Version: 2.65

cpe:2.3:a:siemens:sipass_integrated:2.65
Siemens » Sipass Integrated » Version: 2.76

cpe:2.3:a:siemens:sipass_integrated:2.76
Siemens » Sipass Integrated » Version: 2.80

cpe:2.3:a:siemens:sipass_integrated:2.80
Siemens » Sipass Integrated » Version: 2.85

cpe:2.3:a:siemens:sipass_integrated:2.85

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31810

Products

Pricing

Contact Us