CVE-2022-2757 - Vulnerability Details - OpenCVE

Due to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Kingspan	Tms300 Cs Tms300 Cs Firmware

Configuration 1 [-]

AND

cpe:2.3:o:kingspan:tms300_cs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:kingspan:tms300_cs:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-12-13T21:18:23.930Z

Updated: 2024-08-03T00:46:04.440Z

Reserved: 2022-08-10T15:21:46.345Z

Link: CVE-2022-2757

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-12-13T22:15:10.007

Modified: 2024-11-21T07:01:38.780

Link: CVE-2022-2757

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-2757", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "requesterUserId": "548e5310-2409-4eaf-9220-2910d23bb95a", "dateReserved": "2022-08-10T15:21:46.345Z", "datePublished": "2022-12-13T21:18:23.930Z", "dateUpdated": "2024-08-03T00:46:04.440Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TMS300 CS", "vendor": "Kingspan ", "versions": [{"status": "affected", "version": "All Versions "}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Maxim Rupp reported this vulnerability to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\n<span style=\"background-color: rgb(255, 255, 255);\">Due to the lack of adequately implemented access-control rules, a</span>ll versions Kingspan TMS300 CS are vulnerable to an attacker viewing and <span style=\"background-color: rgb(255, 255, 255);\">modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.</span>\n\n"}], "value": "\n\n\nDue to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2022-12-13T21:18:23.930Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04"}], "source": {"discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\nKingspan has not responded to requests to work with CISA to mitigate \nthese vulnerabilities. Users of the affected product are encouraged to \ncontact <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.kingspan.com/us/en/contact-us/\">Kingspan customer support </a>for additional information.\n\n<br>"}], "value": "Kingspan has not responded to requests to work with CISA to mitigate \nthese vulnerabilities. Users of the affected product are encouraged to \ncontact Kingspan customer support https://www.kingspan.com/us/en/contact-us/ for additional information.\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:46:04.440Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:kingspan:tms300_cs_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EED7251-4A10-4303-BA77-1F8081A36CC3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:kingspan:tms300_cs:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB37A52F-17A1-4046-A8A8-93AB741DF6D9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\n\n\nDue to the lack of adequately implemented access-control rules, all versions Kingspan TMS300 CS are vulnerable to an attacker viewing and modifying the application settings without authenticating by accessing a specific uniform resource locator (URL) on the webserver.\n\n"}, {"lang": "es", "value": "Debido a la falta de reglas de control de acceso implementadas adecuadamente, todas las versiones de Kingspan TMS300 CS son vulnerables a que un atacante vea y modifique la configuraci\u00f3n de la aplicaci\u00f3n sin autenticarse accediendo a un localizador uniforme de recursos (URL) espec\u00edfico en el servidor web."}], "id": "CVE-2022-2757", "lastModified": "2024-11-21T07:01:38.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-13T22:15:10.007", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-256-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}