Lucene search
HistoryDec 13, 2022 - 10:15 p.m.
CVE-2022-38355
daikin
svmpc1
svmpc2
lan
unauthenticated
sensitive information
vulnerability
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
10.6%
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to
attackers with access to the local area network (LAN) to disclose sensitive information stored by the affected product without requiring authentication.
Affected configurations
Node
daikinlatamsvmpc1Range≤2.1.22
ORdaikinlatamsvmpc2Range≤1.2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| daikinlatam | svmpc1 | * | cpe:2.3:a:daikinlatam:svmpc1:*:*:*:*:*:*:*:* |
| daikinlatam | svmpc2 | * | cpe:2.3:a:daikinlatam:svmpc2:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-38355
2022-12-13 22:15:10
cvelist
cvelist
CVE-2022-38355
2022-12-13 21:12:06
prion
prion
Authentication flaw
2022-12-13 22:15:00
ics
ics
Daikin Holdings Singapore
2022-10-24 12:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
0
Percentile
10.6%
Related for NVD:CVE-2022-38355