CVE-2022-1069

2022-08-1721:15:08

CWE-125

[email protected]

web.nvd.nist.gov

cve-2022-1069

http packet

denial-of-service

softing secure integration server

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

72.3%

JSON

A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.

Affected configurations

Nvd

Node

softingedgeaggregatorMatch3.1

softingedgeconnectorMatch3.1

softingopcMatch5.2

softingopc_ua_c\+\+_software_development_kitMatch6

softingsecure_integration_serverMatch1.22

softinguagatesMatch1.74

VendorProductVersionCPE
softingedgeaggregator3.1cpe:2.3:a:softing:edgeaggregator:3.1:*:*:*:*:*:*:*
softingedgeconnector3.1cpe:2.3:a:softing:edgeconnector:3.1:*:*:*:*:*:*:*
softingopc5.2cpe:2.3:a:softing:opc:5.2:*:*:*:*:*:*:*
softingopc_ua_c\+\+_software_development_kit6cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:6:*:*:*:*:*:*:*
softingsecure_integration_server1.22cpe:2.3:a:softing:secure_integration_server:1.22:*:*:*:*:*:*:*
softinguagates1.74cpe:2.3:a:softing:uagates:1.74:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
softing	edgeaggregator	3.1	cpe:2.3:a:softing:edgeaggregator:3.1:::::::*
softing	edgeconnector	3.1	cpe:2.3:a:softing:edgeconnector:3.1:::::::*
softing	opc	5.2	cpe:2.3:a:softing:opc:5.2:::::::*
softing	opc_ua_c\+\+_software_development_kit	6	cpe:2.3:a:softing:opc_ua_c\+\+_software_development_kit:6:::::::*
softing	secure_integration_server	1.22	cpe:2.3:a:softing:secure_integration_server:1.22:::::::*
softing	uagates	1.74	cpe:2.3:a:softing:uagates:1.74:::::::*