CVE-2022-43400

A vulnerability has been identified in Siveillance Video Mobile Server V2022 R2 (All versions < V22.2a (80)). The mobile server component of affected applications improperly handles the log in for Active Directory accounts that are part of Administrators group. This could allow an unauthenticated remote attacker to access the application without a valid account.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:siveillance_video_mobile_server:*:*:*:*:*:*:*:*

History

25 Jan 2023, 02:01

Type Values Removed Values Added
CWE CWE-863 CWE-1390

24 Oct 2022, 15:46

Type Values Removed Values Added
First Time Siemens siveillance Video Mobile Server
Siemens
CWE CWE-863
CPE cpe:2.3:a:siemens:siveillance_video_mobile_server:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-640732.pdf - (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-640732.pdf - Vendor Advisory

21 Oct 2022, 14:33

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-21 14:15

Updated : 2023-01-25 02:01


NVD link : CVE-2022-43400

Mitre link : CVE-2022-43400


JSON object : View

Products Affected

siemens

  • siveillance_video_mobile_server
CWE