CVE-2022-47891

All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups	Third Party Advisory
https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:32

Type	Values Removed	Values Added
References	~~() https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups - Third Party Advisory~~	() https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : 8.1

04 Oct 2023, 19:57

Type	Values Removed	Values Added
CWE		CWE-798
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:o:riello-ups:netman_204_firmware:::::::: cpe:2.3:h:riello-ups:netman_204:-:::::::*
First Time		Riello-ups netman 204 Firmware Riello-ups Riello-ups netman 204
References	~~(MISC) https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups -~~	(MISC) https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups - Third Party Advisory

03 Oct 2023, 12:51

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-03 12:15

Updated : 2024-11-21 07:32

NVD link : CVE-2022-47891

Mitre link : CVE-2022-47891

CVE.ORG link : CVE-2022-47891

JSON object : View

Products Affected

riello-ups

netman_204
netman_204_firmware

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2022-47891", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-10-03T12:15:09.957", "references": [{"url": "https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups", "tags": ["Third Party Advisory"], "source": "cve-coordination@incibe.es"}, {"url": "https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "description": [{"lang": "en", "value": "CWE-798"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function."}, {"lang": "es", "value": "Todas las versiones de NetMan 204 permiten que un atacante que conozca la MAC y el n\u00famero de serie del dispositivo restablezca la contrase\u00f1a del administrador a trav\u00e9s de la funci\u00f3n de recuperaci\u00f3n leg\u00edtima."}], "lastModified": "2024-11-21T07:32:28.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:riello-ups:netman_204_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2421B6CC-83B0-43FF-87AB-91747100461D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:riello-ups:netman_204:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06001306-7B00-453C-9C45-17E5A64DF4C2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve-coordination@incibe.es"}