Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions provided by AD server. This may lead to leakage or tampering of data managed by AD server.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU99204686/index.html | Third Party Advisory |
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ | Vendor Advisory |
https://jvn.jp/vu/JVNVU99204686/index.html | Third Party Advisory |
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://jvn.jp/vu/JVNVU99204686/index.html - Third Party Advisory | |
References | () https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ - Vendor Advisory |
22 Apr 2022, 18:45
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-287 | |
CPE | cpe:2.3:a:yokogawa:b\/m9000_vp:*:*:*:*:*:*:*:* cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:* cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:* cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:-:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 9.1 |
References | (MISC) https://jvn.jp/vu/JVNVU99204686/index.html - Third Party Advisory | |
References | (MISC) https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ - Vendor Advisory |
15 Apr 2022, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-15 02:15
Updated : 2024-11-21 06:53
NVD link : CVE-2022-26034
Mitre link : CVE-2022-26034
CVE.ORG link : CVE-2022-26034
JSON object : View
Products Affected
yokogawa
- centum_vp
- b\/m9000_vp
CWE
CWE-287
Improper Authentication