{"id": "CVE-2022-25621", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-03-11T18:15:41.210", "references": [{"url": "https://jpn.nec.com/security-info/secinfo/nv22-004_en.html", "tags": ["Vendor Advisory"], "source": "psirt-info@cyber.jp.nec.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511 Ver8.2.11 and prior, UNIVERGE WA 1512 Ver8.2.11 and prior, UNIVERGE WA 2020 Ver8.2.11 and prior, UNIVERGE WA 2021 Ver8.2.11 and prior, UNIVERGE WA 2610-AP Ver8.2.11 and prior, UNIVERGE WA 2611-AP Ver8.2.11 and prior, UNIVERGE WA 2611E-AP Ver8.2.11 and prior, UNIVERGE WA WA2612-AP Ver8.2.11 and prior allows a remote attacker to execute arbitrary OS commands."}, {"lang": "es", "value": "UNIVERGE WA 1020 Versiones 8.2.11 y anteriores, UNIVERGE WA 1510 Versiones 8.2.11 y anteriores, UNIVERGE WA 1511 Versiones 8.2.11 y anteriores, UNIVERGE WA 1512 Versiones 8.2.11 y anteriores, UNIVERGE WA 2020 Versiones 8.2.11 y anteriores, UNIVERGE WA 2021 Versiones 8.2. 11 y anteriores, UNIVERGE WA 2610-AP Versiones 8.2.11 y anteriores, UNIVERGE WA 2611-AP Versiones 8.2.11 y anteriores, UNIVERGE WA 2611E-AP Versiones 8.2.11 y anteriores, UNIVERGE WA WA2612-AP Versiones 8.2.11 y anteriores permiten a un atacante remoto ejecutar comandos arbitrarios del Sistema Operativo"}], "lastModified": "2022-03-22T17:53:02.347", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa1020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64E391F-5677-4901-A12B-041031CA6E9F", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa1020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF66BC3A-F599-4D67-BC0B-2164542F946F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa1510_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED51866B-ADC7-49A1-9909-861A787EEF53", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa1510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08110880-F402-4FCB-9A96-0287B386D928"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa1511_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91AFB17B-2900-4A62-B0C8-CEC0C03D9261", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa1511:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08F8E329-9B14-4751-8A7E-124F6CFB951C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa1512_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66E731A8-FC4B-455B-883E-05941B62840A", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa1512:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79FEA4DC-EE7D-4A0B-8693-63428D5971CD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2020_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A43A837D-11EB-4B25-B045-72F248F87CF6", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDD96A7C-9F9A-4334-A14D-EF30E8D71A9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2021_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3457EB8F-DB19-4835-A7F8-D272DE2E499E", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2021:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6343DAFA-572F-416F-836E-ABA417E36C02"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2610-ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D24E4A2-A665-4741-9EB2-58A514383176", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2610-ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C8963A0-CE1C-4AD5-AF83-C2C07470D72F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2611-ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF773423-95E4-497F-AF5D-449E4E84596C", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2611-ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6BCE7133-A2B9-4B15-8852-136AD0043F34"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2611e-ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89FAEFB2-485B-4F8F-8D2A-C807B47FB7EB", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2611e-ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1C0448DD-AB26-475B-99DE-660877CC584B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nec:univerge_wa2612-ap_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CE802AF-7FFA-4066-BF80-9FF35AF7CEE1", "versionEndIncluding": "8.2.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nec:univerge_wa2612-ap:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "36DFB440-4F76-499B-BDD1-4575F05A0888"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt-info@cyber.jp.nec.com"}
