CVE-2022-37932

{"id": "CVE-2022-37932", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-alert@hpe.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2022-12-12T13:15:14.360", "references": [{"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04383en_us", "tags": ["Vendor Advisory"], "source": "security-alert@hpe.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following software updates to resolve the vulnerability in Hewlett Packard Enterprise OfficeConnect 1820, 1850 and 1920S Network switches versions: Prior to PT.02.14; Prior to PC.01.22; Prior to PO.01.21; Prior to PD.02.22;\n\n"}, {"lang": "es", "value": "Se ha identificado una posible vulnerabilidad de seguridad en los conmutadores de red Hewlett Packard Enterprise OfficeConnect 1820, 1850 y 1920S. La vulnerabilidad podr\u00eda explotarse de forma remota para permitir omitir la autenticaci\u00f3n. HPE ha realizado las siguientes actualizaciones de software para resolver la vulnerabilidad en las versiones de los conmutadores de red Hewlett Packard Enterprise OfficeConnect 1820, 1850 y 1920S: anteriores a PT.02.14; Antes de PC.01.22; Antes de PO.01.21; Antes del PD.02.22;"}], "lastModified": "2023-11-07T03:49:56.697", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9979a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFAABEF2-F55F-49FE-9BDB-E6A07F3B9668", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9979a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7F9F10C-0FD7-4224-8604-D40772A6D325"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9982a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD349A82-736E-48AB-A16F-B7F09A540AF5", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9982a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7647988C-38C0-4866-9D14-EB0A5380FF85"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9980a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84C2E422-9A0E-4D91-93BE-C4DD0083CA65", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9980a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CC221BBC-AFD9-4115-A4A6-ACB64E8B1498"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9983a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A8AE93C-B333-430E-B5FE-E072EAB83599", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9983a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BDDC1474-AC0F-4A9D-AE34-3C1037346A9D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9981a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39DD62A3-CE10-4343-BDC4-73A84E892F13", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9981a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFAE1036-E1F0-46EE-8FA3-0204299258C0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1820_j9984a_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6467F62-F15A-469B-BEC5-9E11A242B6FC", "versionEndExcluding": "pt.02.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1820_j9984a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "88C9CDFE-A010-4B48-A7C0-493D82B654F8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_poe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66948DB9-F00D-40A4-8B32-B6E49A24FA25", "versionEndExcluding": "pc.01.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt_poe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1384A4C-5F0A-4F34-BB26-BFD9CDE56C1A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_24g_2xgt_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3377E5AB-1864-4465-AD35-616E1A806384", "versionEndExcluding": "pc.01.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_24g_2xgt:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3DF9BC87-425B-4965-B0BB-9B11B6BE5DAE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_poe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34F06E1A-4EFE-41EA-97C6-7139DD013AFB", "versionEndExcluding": "pc.01.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt_poe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34CC05B8-2AC3-4379-8E27-B771F520EF97"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_48g_4xgt_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EDD55A8-3C69-4B53-A3C0-F0E2A9B4692A", "versionEndExcluding": "pc.01.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_48g_4xgt:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DD61C53-261D-4155-800E-CE5709BFAA90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_6xgt_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F0CBEF7-0963-45F9-B4A5-DC04909D4B12", "versionEndExcluding": "po.01.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_6xgt:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A0AAED7-FCBB-40E6-9649-617F1CD62A34"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1850_2xgt\\/spf\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A208318-52FA-4E1F-A62E-F2667CE9F132", "versionEndExcluding": "po.01.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1850_2xgt\\/spf\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90F00E23-350B-4117-96E4-A342790992B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_poe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "410FE7C9-6757-4B7D-88C7-5FAB7E11F970", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp_poe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75407C01-1A83-43A4-9C75-6EBDED3DE676"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_ppoe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "422F8D41-CA36-42A1-9201-F7D438E30BB6", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp_ppoe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E44086E4-506F-44D6-95A7-112BFD8AB2EC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_24g_2sfp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21CC988D-9798-4131-8DBA-D769EAC50F17", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_24g_2sfp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "82FC497B-C6D9-46E9-AC07-0AFED63A7FD4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_48g_4sfp_ppoe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCE3C410-DCA7-44E4-9425-B9ABBAAB68E1", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_48g_4sfp_ppoe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E26FF87F-A734-4E79-B08D-7FB97564DF99"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_48g_4sfp_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF9C79BA-8094-4976-B9A0-BC9008A3AE57", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_48g_4sfp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C916A687-153B-42D6-95A7-2B6CC39E36C7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_8g_ppoe\\+_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4991134-1AC5-401E-B942-486CB7B9D184", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_8g_ppoe\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BA52CA14-46DC-4C72-92D8-F065500E0F64"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hpe:officeconnect_1920s_8g_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "295C6B0F-83E7-4242-BF64-968B8D2536DE", "versionEndExcluding": "pd.02.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hpe:officeconnect_1920s_8g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0686F303-D228-4D0A-8648-67930EFA8395"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security-alert@hpe.com"}