Lucene search

[email protected]NVD:CVE-2022-2242

HistoryAug 10, 2022 - 11:15 a.m.

CVE-2022-2242

2022-08-1011:15:08

CWE-306

[email protected]

web.nvd.nist.gov

kuka systemsoftware

access control

unauthorized access

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

62.1%

JSON

The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default).

Affected configurations

Nvd

Node

kukasystemsoftware_v\/kssRange8.2–8.6.5

VendorProductVersionCPE
kukasystemsoftware_v\/kss*cpe:2.3:a:kuka:systemsoftware_v\/kss:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kuka	systemsoftware_v\/kss	*	cpe:2.3:a:kuka:systemsoftware_v\/kss::::::::

References

www.kuka.com/advisories-CVE-2022-2242

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

62.1%

JSON

Related for NVD:CVE-2022-2242

cvelist1 prion1 cve1