CVE-2022-29952

{"id": "CVE-2022-29952", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2022-07-26T22:15:10.843", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://www.forescout.com/blog/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality."}, {"lang": "es", "value": "El equipo de monitoreo de condiciones de Bently Nevada versiones hasta 29-04-2022, maneja inapropiadamente la autenticaci\u00f3n. Usa los protocolos de comandos y datos TDI (60005/TCP, 60007/TCP) para las comunicaciones entre el controlador de monitorizaci\u00f3n y el Sistema 1 y/o el software Bently Nevada Monitor Configuration (BNMC). Estos protocolos proporcionan la administraci\u00f3n de la configuraci\u00f3n y la funcionalidad relacionada con los datos hist\u00f3ricos. Ninguno de los dos protocolos presenta caracter\u00edsticas de autenticaci\u00f3n, permitiendo a cualquier atacante capaz de comunicarse con los puertos en cuesti\u00f3n invocar (un subconjunto de) la funcionalidad deseada."}], "lastModified": "2024-02-09T03:16:01.237", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/40_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D92B5C5-BA42-4F57-843D-AE5CCD018755", "versionEndExcluding": "4.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43F3A6C3-FAFA-4798-A861-280C86C86792"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/44_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE58522B-45F7-43DE-B30C-803238E24CF6", "versionEndExcluding": "4.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/44:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "55145ED4-ABB2-4ABF-815F-D7B9F93B2FB0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bakerhughes:bently_nevada_3701\\/46_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C076FF4-8D1E-4370-BF9E-91056543F423", "versionEndExcluding": "4.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bakerhughes:bently_nevada_3701\\/46:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5182FFD7-A4A2-4E81-907E-F25EA9EA6251"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bakerhughes:bently_nevada_60m100_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "268F94F1-8636-4A4C-8821-87C55CC1458D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bakerhughes:bently_nevada_60m100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B43A4AA-BDFD-4AD1-80BF-686F8F8D517C"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}