Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device's information.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-263-03 | Patch Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
History
07 Nov 2023, 03:50
Type | Values Removed | Values Added |
---|---|---|
Summary | Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device's information. |
21 Jul 2023, 19:25
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
28 Dec 2022, 18:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:dataprobe:iboot-pdu8sa-n20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8a-2n15:-:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu4a-n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8sa-n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8a-n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8sa-2n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu4-n20:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu4a-n20:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8a-2n20:-:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8a-2n20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8sa-n15:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8sa-2n15:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu4sa-n20:-:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu4a-n20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu4a-n15:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu4sa-n15:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8a-n15:-:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8a-n20:-:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8a-2n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu4sa-n15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu4-n20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu4sa-n20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:dataprobe:iboot-pdu8sa-n20:-:*:*:*:*:*:*:* cpe:2.3:o:dataprobe:iboot-pdu8a-n20_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Dataprobe iboot-pdu8sa-n15
Dataprobe iboot-pdu8sa-2n15 Dataprobe Dataprobe iboot-pdu8a-2n20 Firmware Dataprobe iboot-pdu8a-n20 Firmware Dataprobe iboot-pdu4-n20 Firmware Dataprobe iboot-pdu4sa-n20 Firmware Dataprobe iboot-pdu4a-n15 Firmware Dataprobe iboot-pdu8a-n15 Firmware Dataprobe iboot-pdu8a-2n15 Dataprobe iboot-pdu4sa-n15 Firmware Dataprobe iboot-pdu8a-2n15 Firmware Dataprobe iboot-pdu8a-2n20 Dataprobe iboot-pdu4a-n15 Dataprobe iboot-pdu4sa-n20 Dataprobe iboot-pdu8a-n15 Dataprobe iboot-pdu4-n20 Dataprobe iboot-pdu4a-n20 Dataprobe iboot-pdu4sa-n15 Dataprobe iboot-pdu8sa-n20 Firmware Dataprobe iboot-pdu8sa-n15 Firmware Dataprobe iboot-pdu4a-n20 Firmware Dataprobe iboot-pdu8a-n20 Dataprobe iboot-pdu8sa-n20 Dataprobe iboot-pdu8sa-2n15 Firmware |
|
References | (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-263-03 - Patch, Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
21 Dec 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-21 23:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-3186
Mitre link : CVE-2022-3186
CVE.ORG link : CVE-2022-3186
JSON object : View
Products Affected
dataprobe
- iboot-pdu4sa-n15
- iboot-pdu8a-2n15
- iboot-pdu4-n20_firmware
- iboot-pdu4a-n15_firmware
- iboot-pdu8a-n20_firmware
- iboot-pdu8a-2n15_firmware
- iboot-pdu8a-2n20
- iboot-pdu8sa-2n15_firmware
- iboot-pdu8a-n15
- iboot-pdu4a-n20
- iboot-pdu4sa-n20
- iboot-pdu4sa-n15_firmware
- iboot-pdu4a-n20_firmware
- iboot-pdu8sa-n20
- iboot-pdu8a-n15_firmware
- iboot-pdu4-n20
- iboot-pdu8sa-n20_firmware
- iboot-pdu8a-n20
- iboot-pdu8a-2n20_firmware
- iboot-pdu8sa-n15_firmware
- iboot-pdu8sa-2n15
- iboot-pdu4sa-n20_firmware
- iboot-pdu4a-n15
- iboot-pdu8sa-n15
CWE