CVE-2022-22813 - Vulnerability Details

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Schneider-electric	Easergy P141 Easergy P141 Firmware Easergy P142 Easergy P142 Firmware Easergy P143 Easergy P143 Firmware Easergy P145 Easergy P145 Firmware Easergy P241 Easergy P241 Firmware Easergy P242 Easergy P242 Firmware Easergy P243 Easergy P243 Firmware Easergy P341 Easergy P341 Firmware Easergy P342 Easergy P342 Firmware Easergy P343 Easergy P343 Firmware Easergy P344 Easergy P344 Firmware Easergy P345 Easergy P345 Firmware Easergy P441 Easergy P441 Firmware Easergy P442 Easergy P442 Firmware Easergy P443 Easergy P443 Firmware Easergy P444 Easergy P444 Firmware Easergy P445 Easergy P445 Firmware Easergy P446 Easergy P446 Firmware Easergy P541 Easergy P541 Firmware Easergy P542 Easergy P542 Firmware Easergy P543 Easergy P543 Firmware Easergy P544 Easergy P544 Firmware Easergy P545 Easergy P545 Firmware Easergy P546 Easergy P546 Firmware Easergy P642 Easergy P642 Firmware Easergy P643 Easergy P643 Firmware Easergy P645 Easergy P645 Firmware Easergy P741 Easergy P741 Firmware Easergy P742 Easergy P742 Firmware Easergy P743 Easergy P743 Firmware Easergy P746 Easergy P746 Firmware Easergy P841 Easergy P841 Firmware Easergy P849 Easergy P849 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p141_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p141:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p142_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p142:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p143_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p143:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p145_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p145:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p241_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p241:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p242_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p242:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p243_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p243:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p342_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p342:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p343_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p343:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p344_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p344:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p345_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p345:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p441_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p441:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p442_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p442:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p443_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p443:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p444_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p444:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p445_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p445:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p446_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p446:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p541_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p541:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p542_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p542:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p543_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p543:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p544_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p544:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p545_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p545:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p546_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p546:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p642_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p642:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p643_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p643:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p645_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p645:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p741_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p741:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p742_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p742:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p743_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p743:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p746_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p746:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p341_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p341:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p841_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p841:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:schneider-electric:easergy_p849_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:easergy_p849:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-03

History

No history.

MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2022-02-09T22:05:06.000Z

Updated: 2024-08-03T03:21:49.157Z

Reserved: 2022-01-07T00:00:00.000Z

Link: CVE-2022-22813

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-02-09T23:15:19.480

Modified: 2024-11-21T06:47:29.877

Link: CVE-2022-22813

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object