CVE-2022-46650

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-001/	Vendor Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-04	Third Party Advisory US Government Resource
https://www.otorio.com/blog/airlink-acemanager-vulnerabilities/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sierrawireless:es450:-:::::::*
	cpe:2.3:h:sierrawireless:gx450:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sierrawireless:lx40:-:::::::*
	cpe:2.3:h:sierrawireless:lx60:-:::::::*
	cpe:2.3:h:sierrawireless:mp70:-:::::::*
	cpe:2.3:h:sierrawireless:rv50:-:::::::*
	cpe:2.3:h:sierrawireless:rv50x:-:::::::*
	cpe:2.3:h:sierrawireless:rv55:-:::::::*

History

No history.

Information

Published : 2023-02-10 18:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-46650

Mitre link : CVE-2022-46650

CVE.ORG link : CVE-2022-46650

JSON object : View

Products Affected

sierrawireless

rv50x
lx40
mp70
rv50
rv55
es450
gx450
lx60
aleos

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2022-46650", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2023-02-10T18:15:13.357", "references": [{"url": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-001/", "tags": ["Vendor Advisory"], "source": "security@sierrawireless.com"}, {"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-04", "tags": ["Third Party Advisory", "US Government Resource"], "source": "security@sierrawireless.com"}, {"url": "https://www.otorio.com/blog/airlink-acemanager-vulnerabilities/", "tags": ["Exploit", "Third Party Advisory"], "source": "security@sierrawireless.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Secondary", "source": "security@sierrawireless.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page."}], "lastModified": "2023-02-16T18:44:47.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA19B9D5-D298-4910-8406-5C5059AB8626", "versionEndIncluding": "4.9.7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sierrawireless:es450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "524DF1AE-21F2-4AA6-99E7-6F98304FF845"}, {"criteria": "cpe:2.3:h:sierrawireless:gx450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2C12CF71-FE0E-44EA-9F2E-7CFB42E7C216"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45265DDA-E10F-49D0-B2C6-FC123C42E5AE", "versionEndIncluding": "4.16.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sierrawireless:lx40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "069DD303-C100-4FAF-BD6B-4EE61CBDE9F7"}, {"criteria": "cpe:2.3:h:sierrawireless:lx60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A3B7B3D-1594-434B-8E22-01C67DF54F16"}, {"criteria": "cpe:2.3:h:sierrawireless:mp70:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "007D4629-4BE2-4C7A-AC8B-E87739E22D12"}, {"criteria": "cpe:2.3:h:sierrawireless:rv50:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "54218BC7-D942-4907-8052-ECB308753162"}, {"criteria": "cpe:2.3:h:sierrawireless:rv50x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61D3EF27-E823-4E49-BD58-D050EB02D294"}, {"criteria": "cpe:2.3:h:sierrawireless:rv55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "215BD4AB-8EFD-4F82-ABE4-E7F81AD528C2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@sierrawireless.com"}