FKIE_CVE-2022-3090
Vulnerability from fkie_nvd - Published: 2022-11-17 22:15 - Updated: 2024-11-21 07:18
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redlion:crimson:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD20B4A3-0918-46D1-B589-3393BE7EF5FF",
"versionEndExcluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CD2A9A9A-0E39-4DCB-B7FB-66C5C9F92EE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_477.003:*:*:*:*:*:*",
"matchCriteriaId": "E5C6FAD8-FE55-4D8A-8716-DACC58072DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_493.003:*:*:*:*:*:*",
"matchCriteriaId": "6BD524DE-13F4-4860-B64B-ABDEC69A31A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_493.004:*:*:*:*:*:*",
"matchCriteriaId": "C392CE80-2434-4D51-8A06-35075DBB4781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_493.005:*:*:*:*:*:*",
"matchCriteriaId": "4C290027-C1A9-4835-B12F-2237B83246BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_502.000:*:*:*:*:*:*",
"matchCriteriaId": "EF173B3B-9598-4CA7-98E0-254966A877BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_502.001:*:*:*:*:*:*",
"matchCriteriaId": "D141087B-1985-4C6E-9DAC-D895558549F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_502.003:*:*:*:*:*:*",
"matchCriteriaId": "8CC060CF-A718-4EF5-B631-1CA84DB5C585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_515.002:*:*:*:*:*:*",
"matchCriteriaId": "5513BEF5-6DD2-48D1-9F97-29489032B1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_515.003:*:*:*:*:*:*",
"matchCriteriaId": "BD1F2913-490C-405B-B2CF-5BE179BBA939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_523.003:*:*:*:*:*:*",
"matchCriteriaId": "B97A0068-EC7C-47EB-B086-014D35324D6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_530.000:*:*:*:*:*:*",
"matchCriteriaId": "1EA3107F-CEA0-40C1-85B3-71F7AA0F5D44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_530.001:*:*:*:*:*:*",
"matchCriteriaId": "58828C17-CA25-4A82-ADA9-0B205B335F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_530.002:*:*:*:*:*:*",
"matchCriteriaId": "482B8A43-B5A6-4EFA-A524-B570C118905C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_530.003:*:*:*:*:*:*",
"matchCriteriaId": "AB7F2E5C-783F-40E5-AE04-1619E677A358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_548.001:*:*:*:*:*:*",
"matchCriteriaId": "819AC791-1A5D-475F-A92B-9FCDD2536F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_548.005:*:*:*:*:*:*",
"matchCriteriaId": "C9DB3C3E-FA86-4AC2-BF5B-C214C111BAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_573.001:*:*:*:*:*:*",
"matchCriteriaId": "32BECE93-E534-4233-90A5-271D7DFBA69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_573.002:*:*:*:*:*:*",
"matchCriteriaId": "04991137-C936-42EF-BC0A-64E7BD060A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_579.001:*:*:*:*:*:*",
"matchCriteriaId": "5E825360-9C11-4621-8E95-771283A8C595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_579.003:*:*:*:*:*:*",
"matchCriteriaId": "F1631E25-25F0-48DA-8D21-E721FB958628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_582.000:*:*:*:*:*:*",
"matchCriteriaId": "30243F2C-E2A2-446D-A53C-0A2D224CC0EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_582.001:*:*:*:*:*:*",
"matchCriteriaId": "23A4FBD2-D9BD-4F49-9BE9-4F513A489276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_582.003:*:*:*:*:*:*",
"matchCriteriaId": "55BD764E-C72C-4B1B-848E-14802E3A9556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_582.004:*:*:*:*:*:*",
"matchCriteriaId": "5BC101DD-44E8-4F51-B3BC-EE7BFECEDF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_599.000:*:*:*:*:*:*",
"matchCriteriaId": "D1CCFBD2-69BE-4887-876F-FD78AC2E968D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_599.001:*:*:*:*:*:*",
"matchCriteriaId": "07E59B30-ABA5-4A4B-AA01-1907C8014B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_603.000:*:*:*:*:*:*",
"matchCriteriaId": "0182346F-CFFC-4153-B8D7-B6CF760F886C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_605.002:*:*:*:*:*:*",
"matchCriteriaId": "4EA96CB1-2CE1-43EB-9378-450E3CC007E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_615.004:*:*:*:*:*:*",
"matchCriteriaId": "058DF1BE-B53F-4BAD-934F-0AD8FAB75FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_619.002:*:*:*:*:*:*",
"matchCriteriaId": "D308405B-869C-4D87-84DF-7A669A701DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_619.004:*:*:*:*:*:*",
"matchCriteriaId": "5C73AD75-E6CB-4A29-AEC0-5FA90010B77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_624.000:*:*:*:*:*:*",
"matchCriteriaId": "BDE624CE-3561-48F0-9075-41E86680B369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_624.005:*:*:*:*:*:*",
"matchCriteriaId": "F7D1F1FD-0928-436E-8533-544C4C43D1BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_635.000:*:*:*:*:*:*",
"matchCriteriaId": "333AAC85-4F02-435F-945D-89017D912611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_635.001:*:*:*:*:*:*",
"matchCriteriaId": "A4BB200E-1279-4100-8281-8161299F8769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_639.000:*:*:*:*:*:*",
"matchCriteriaId": "2D5428C8-B2EC-43C8-8AF4-B41FAF625C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_640.000:*:*:*:*:*:*",
"matchCriteriaId": "255362CF-BC54-46AC-A082-9E8508B09DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_640.001:*:*:*:*:*:*",
"matchCriteriaId": "EDA47C72-B49C-4556-9B67-2C3EF7E519D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_640.002:*:*:*:*:*:*",
"matchCriteriaId": "BFF7FA01-49D5-4B78-85B4-5AEC08F45F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_647.002:*:*:*:*:*:*",
"matchCriteriaId": "21623993-816B-4A64-BB37-E4E4A5C24A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_657.001:*:*:*:*:*:*",
"matchCriteriaId": "481BA483-E4EC-40C3-91BF-B382DFBC8A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_657.003:*:*:*:*:*:*",
"matchCriteriaId": "3EF367C8-322E-4B89-B9A7-7B1DFF8798FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_662.002:*:*:*:*:*:*",
"matchCriteriaId": "5A18054B-13F5-4CEF-AFBD-C3D660E3891C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_662.006:*:*:*:*:*:*",
"matchCriteriaId": "8AE60BE2-C1D1-43D6-A48D-7C7B351CB6DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_675.000:*:*:*:*:*:*",
"matchCriteriaId": "7A9BB7D4-A210-41FF-AAA1-D5CD0CC07C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_678.002:*:*:*:*:*:*",
"matchCriteriaId": "7B6D4609-47D1-4BB8-93CE-2FC4C219E7A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_683.000:*:*:*:*:*:*",
"matchCriteriaId": "0B716D98-836E-4FF0-BBE6-1ABE8C962EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_683.001:*:*:*:*:*:*",
"matchCriteriaId": "E12C93CE-D6F9-4398-A988-42CFBD1454C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_683.002:*:*:*:*:*:*",
"matchCriteriaId": "794315C2-079E-4063-B1E4-C1B21B6AB45E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_690.001:*:*:*:*:*:*",
"matchCriteriaId": "1CE88160-F135-44C7-AEFE-9F4DFC05CC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_690.002:*:*:*:*:*:*",
"matchCriteriaId": "1B4E0DCE-CC6A-460B-844C-657187C496C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_693.000:*:*:*:*:*:*",
"matchCriteriaId": "EF65E301-D47C-4FBB-8A0F-B43C11388936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_694.000:*:*:*:*:*:*",
"matchCriteriaId": "2167BF20-6A1A-49FE-ACE2-15232A2B2D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_697.001:*:*:*:*:*:*",
"matchCriteriaId": "B33B8DAA-BEE3-46A8-92BF-8EDC4E05EEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_697.002:*:*:*:*:*:*",
"matchCriteriaId": "8AC3890F-2C30-47DF-BF7E-398AB4AA7DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_697.003:*:*:*:*:*:*",
"matchCriteriaId": "3237341F-F771-4DA5-8FB8-90B8A42B9BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_700.000:*:*:*:*:*:*",
"matchCriteriaId": "BC75A7D8-AE81-43E9-A1F5-0CCD995B5266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_702.002:*:*:*:*:*:*",
"matchCriteriaId": "4421B3A0-D9B9-4DDB-8F7B-748920483819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_702.004:*:*:*:*:*:*",
"matchCriteriaId": "3126A4CF-9ECE-4C7F-8D7D-EE1785645E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_703.001:*:*:*:*:*:*",
"matchCriteriaId": "3370F739-B6FA-476C-98AD-15329C0DF368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_705.000:*:*:*:*:*:*",
"matchCriteriaId": "C10F32FD-3A78-4C4B-99CE-D6E660BD3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.0:build_707.000:*:*:*:*:*:*",
"matchCriteriaId": "E081D1CB-5479-4629-8B1F-649BAED95893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7EDD5D63-A62C-4CCF-92CC-DDC04B2C9394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.000:*:*:*:*:*:*",
"matchCriteriaId": "42E389EB-D26E-4733-8DC1-C0B7FF73CA68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.002:*:*:*:*:*:*",
"matchCriteriaId": "117A2023-798F-4829-8249-ACCC49A57064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.003:*:*:*:*:*:*",
"matchCriteriaId": "938C0243-9A8E-42A7-81D6-C4E2DFCDD995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.008:*:*:*:*:*:*",
"matchCriteriaId": "C51F7243-90AE-46A2-A292-B07CE332E7AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.009:*:*:*:*:*:*",
"matchCriteriaId": "1C250714-2F91-44CC-A9BF-D0E2A48EC2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3100.010:*:*:*:*:*:*",
"matchCriteriaId": "669E041F-5209-4430-8D30-9FBCB061C1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3101.001:*:*:*:*:*:*",
"matchCriteriaId": "91E69A39-450E-4C00-BB7D-873735FF09D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3104.000:*:*:*:*:*:*",
"matchCriteriaId": "1AE35564-E812-45F6-AA03-9FD6AD7DA8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3106.000:*:*:*:*:*:*",
"matchCriteriaId": "C9D8D132-7A5E-42D7-B679-AE2D8DD218D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3106.004:*:*:*:*:*:*",
"matchCriteriaId": "9C597C17-2D73-407D-A783-CF4C3379F0AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3108.002:*:*:*:*:*:*",
"matchCriteriaId": "5B53ABF6-687A-4FEA-B00B-E3164775B071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3108.004:*:*:*:*:*:*",
"matchCriteriaId": "3C2A8184-C0DC-40AD-AF7A-0FC6CBDD5D8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3109.003:*:*:*:*:*:*",
"matchCriteriaId": "78A264F8-AD8F-488A-A8E8-C073092740B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3109.004:*:*:*:*:*:*",
"matchCriteriaId": "2CA78AF9-1417-4AEA-82F8-7BED6A5D695C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3110.000:*:*:*:*:*:*",
"matchCriteriaId": "E45F42D4-B88E-4740-A961-9C180DCC6FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3110.002:*:*:*:*:*:*",
"matchCriteriaId": "61A70D40-854E-490A-87CE-85EED9761AC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3110.004:*:*:*:*:*:*",
"matchCriteriaId": "1911872C-9341-48A1-A6FD-07D1C7B56BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3111.000:*:*:*:*:*:*",
"matchCriteriaId": "00470300-FB88-4114-8FAF-36314F21A227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3112.000:*:*:*:*:*:*",
"matchCriteriaId": "8F636A15-BFA0-470F-86E4-49666ACB4191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3113.000:*:*:*:*:*:*",
"matchCriteriaId": "DB1AA647-DC3D-433E-A455-1BBA6B919EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3114.002:*:*:*:*:*:*",
"matchCriteriaId": "E4C0F453-2F46-4A3D-A1A5-69A78B56578A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3115.006:*:*:*:*:*:*",
"matchCriteriaId": "B49293D9-3EF9-4755-AA2F-6A940F66ED0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3115.008:*:*:*:*:*:*",
"matchCriteriaId": "9D2A4AEC-93FD-4CC1-9FE6-CF616407CDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3115.009:*:*:*:*:*:*",
"matchCriteriaId": "15856A25-445F-42F9-9BAD-1EFFDB8320CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3116.000:*:*:*:*:*:*",
"matchCriteriaId": "92A98980-1131-4338-BEEE-BF65E4ED5D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3119.001:*:*:*:*:*:*",
"matchCriteriaId": "8E69870C-D803-42E8-A380-547E74C0DAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3119.002:*:*:*:*:*:*",
"matchCriteriaId": "C72C69C6-FC2D-4A9B-8FBA-8433C0A49A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3120.000:*:*:*:*:*:*",
"matchCriteriaId": "EA0B1875-1D3C-4F9A-815B-3A822F54B314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3120.001:*:*:*:*:*:*",
"matchCriteriaId": "80E5CF3E-5F8C-4448-B9AD-760EC4F3EFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3121.000:*:*:*:*:*:*",
"matchCriteriaId": "827DF512-A83C-4BB6-9A9E-BEBE321E5DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3122.000:*:*:*:*:*:*",
"matchCriteriaId": "B9D6E436-FD9D-4487-9493-ABB5175DF20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3122.001:*:*:*:*:*:*",
"matchCriteriaId": "04524BEB-7DC2-4F02-A6B5-4E2E4A767329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3123.000:*:*:*:*:*:*",
"matchCriteriaId": "890AE6A8-CCDC-40A9-B094-A1C61DAEDE8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3123.001:*:*:*:*:*:*",
"matchCriteriaId": "2B9500D2-4429-4AF5-9F87-38BC2344F75C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3124.000:*:*:*:*:*:*",
"matchCriteriaId": "29FB4BA1-3CCD-41D6-94E0-E9548790A8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3125.003:*:*:*:*:*:*",
"matchCriteriaId": "F9A16ED0-E81B-4720-BE03-0A45D69D73C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3125.006:*:*:*:*:*:*",
"matchCriteriaId": "349D42CE-EC9D-4671-94C9-B8DAFC2C9307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3125.007:*:*:*:*:*:*",
"matchCriteriaId": "4695353C-274A-41B1-A363-1F1E7D23D2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3126.000:*:*:*:*:*:*",
"matchCriteriaId": "5EBA03E2-16D7-4C52-96C3-904C8E2ABE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.1:build_3126.001:*:*:*:*:*:*",
"matchCriteriaId": "4C211F1D-57D5-4BEB-B3A2-E6BA1AD7B377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "7AF3083B-B556-40D4-83DF-46FFB2EB92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0008.0:*:*:*:*:*:*",
"matchCriteriaId": "2462AB8D-13B5-434F-B53F-AC43952C59D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0014.0:*:*:*:*:*:*",
"matchCriteriaId": "7AEFD4D3-3A5E-4A97-8F8A-00A802EC046E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0015.0:*:*:*:*:*:*",
"matchCriteriaId": "4FC7C595-57E9-46BE-A507-7155310F5BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0016.0:*:*:*:*:*:*",
"matchCriteriaId": "3EFBC0AE-1BDC-4159-8FA2-4626E1A02F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0020.0:*:*:*:*:*:*",
"matchCriteriaId": "1F6BEB68-BB83-488F-BAD1-674FDA11B7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0021.0:*:*:*:*:*:*",
"matchCriteriaId": "8C0B5D43-45BD-4A85-808F-8A0B9818F83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0025.0:*:*:*:*:*:*",
"matchCriteriaId": "7202BC35-500E-4DD5-BD65-5E5F849AB97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0026.0:*:*:*:*:*:*",
"matchCriteriaId": "EEE9C0C7-23DC-406E-B89C-CE7C66E4BBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0030.0:*:*:*:*:*:*",
"matchCriteriaId": "83A2D6CA-1BB5-4096-921B-4A722A97AA7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0031.0:*:*:*:*:*:*",
"matchCriteriaId": "9254CF9B-4421-4808-873E-0D0C568FFC06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0035.0:*:*:*:*:*:*",
"matchCriteriaId": "5FA689AC-FDFB-493F-86F0-5C8252B1DB2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0036.0:*:*:*:*:*:*",
"matchCriteriaId": "AB9216B2-FA80-4B8E-B3E7-F1CA85534F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0040.0:*:*:*:*:*:*",
"matchCriteriaId": "89B84594-35D4-40AA-9E66-53D4F586F3F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0041.0:*:*:*:*:*:*",
"matchCriteriaId": "85C30545-0932-4F9C-984E-FAAA464D3DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redlion:crimson:3.2:build_3.2.0044.0:*:*:*:*:*:*",
"matchCriteriaId": "C092F331-B3DD-4CA9-B855-B9D30454842C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user\u0027s password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes."
},
{
"lang": "es",
"value": "Red Lion Controls Crimson 3.0 versiones 707.000 y anteriores, Crimson 3.1 versiones 3126.001 y anteriores, y Crimson 3.2 versiones 3.2.0044.0 y anteriores son vulnerables al path traversal. Al intentar abrir un archivo usando una ruta espec\u00edfica, el hash de la contrase\u00f1a del usuario se env\u00eda a un host arbitrario. Esto podr\u00eda permitir a un atacante obtener hashes de credenciales de usuario."
}
],
"id": "CVE-2022-3090",
"lastModified": "2024-11-21T07:18:48.330",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-17T22:15:10.700",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…