Vulnerability CVE-2022-22145


Published: 2022-03-11

Description:
CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

CVSS2 => (AV:N/AC:M/Au:S/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.9/10
4.9/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial
Affected software
Yokogawa -> Exaopc 

 References:
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf

Copyright 2024, cxsecurity.com

 

Back to Top