CVE-2022-23854

AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal
https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2023-001_r.pdf
https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:aveva:intouch_access_anywhere::::::::
	cpe:2.3:a:aveva:intouch_access_anywhere:2020:-::::::
	cpe:2.3:a:aveva:intouch_access_anywhere:2020:r2::::::

History

19 Jan 2024, 19:15

Type	Values Removed	Values Added
References		() https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal -

17 Jan 2024, 07:15

Type	Values Removed	Values Added
References		() https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2023-001_r.pdf -

07 Nov 2023, 03:44

Type	Values Removed	Values Added
Summary	AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.	AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.

23 Jun 2023, 18:42

Type	Values Removed	Values Added
CWE	~~CWE-23~~	CWE-22

Information

Published : 2022-12-23 21:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-23854

Mitre link : CVE-2022-23854

CVE.ORG link : CVE-2022-23854

JSON object : View

Products Affected

aveva

intouch_access_anywhere

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23

Relative Path Traversal

{"id": "CVE-2022-23854", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-12-23T21:15:09.097", "references": [{"url": "https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2023-001_r.pdf", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-23"}]}], "descriptions": [{"lang": "en", "value": "\nAVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server. \n\n"}, {"lang": "es", "value": "AVEVA InTouch Access Anywhere versiones 2020 R2 y anteriores son vulnerables a una explotaci\u00f3n de path traversal que podr\u00eda permitir a un usuario no autenticado con acceso a la red leer archivos en el sistema fuera del servidor web de puerta de enlace segura."}], "lastModified": "2024-01-19T19:15:07.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:aveva:intouch_access_anywhere:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F4E91FD-1FBB-4093-8A99-F89756A3B51E", "versionEndExcluding": "2020"}, {"criteria": "cpe:2.3:a:aveva:intouch_access_anywhere:2020:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A10DB83A-3B40-4E29-8958-5FBA3625CB5F"}, {"criteria": "cpe:2.3:a:aveva:intouch_access_anywhere:2020:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1FEED24-00F2-44EF-94B5-039390753A97"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}