CVE-2022-46738
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.
Affected (22)
Products: Dataprobe: Iboot Pdu4 N20 Firmware, Iboot Pdu4sa N15 Firmware, Iboot Pdu4a N15 Firmware, Iboot Pdu4sa N20 Firmware, Iboot Pdu4a N20 Firmware, Iboot Pdu8sa N15 Firmware, Iboot Pdu8a N15 Firmware, Iboot Pdu8sa 2n15 Firmware, Iboot Pdu8a 2n15 Firmware, Iboot Pdu8sa N20 Firmware, Iboot Pdu8a N20 Firmware, Iboot Pdu8a 2n20 Firmware, Iboot Pdu4 C20 Firmware, Iboot Pdu4a C10 Firmware, Iboot Pdu4sa C10 Firmware, Iboot Pdu8a C10 Firmware, Iboot Pdu8sa C10 Firmware, Iboot Pdu8a 2c20 Firmware, Iboot Pdu4sa C20 Firmware, Iboot Pdu4a C20 Firmware, Iboot Pdu8a 2c10 Firmware, Iboot Pdu8a C20 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4 N20 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4sa N15 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4a N15 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4sa N20 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4a N20 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8sa N15 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a N15 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8sa 2n15 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a 2n15 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8sa N20 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a N20 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a 2n20 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4 C20 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4a C10 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4sa C10 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a C10 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8sa C10 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a 2c20 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4sa C20 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu4a C20 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a 2c10 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.42.06162022 |
| Running on/with | Platform Versions |
|---|---|
Dataprobe Iboot Pdu8a C20 | All versions |
References (4)
Source: ics-cert@hq.dhs.gov
Product
Source: ics-cert@hq.dhs.gov
PatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
Timeline
No history available yet.