CVE-2022-31812

CWE-125 โ€” Out-of-bounds Read6 documents4 sources
Severity
8.7HIGH
EPSS
0.4%
top 39.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Siemens Sipass Integrated
Timeline
PublishedMay 23

Description

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of an allocated buffer while checking the integrity of incoming packets. This could allow an unauthenticated remote attacker to create a denial of service condition.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

โ–ถCVEListV5siemens/sipass_integrated< V2.95.3.18
โ–ถNVDsiemens/sipass_integrated< 2.95.3.18

๐Ÿ”ดVulnerability Details

2
CVEList
CVE-2022-31812: A vulnerability has been identified in SiPass integrated (All versions < V2โ†—2025-05-23
โ–ถ
GHSA
GHSA-xp23-94cq-8m5g: A vulnerability has been identified in SiPass integrated (All versions < V2โ†—2025-05-23
โ–ถ

๐Ÿ“‹Vendor Advisories

3
Oracle
Oracle Oracle Siebel CRM Risk Matrix: Smart Answer (Apache PDFBox) โ€” CVE-2021-31812โ†—2022-07-15
โ–ถ
Oracle
Oracle Oracle Financial Services Applications Risk Matrix: Infrastructure (Apache PDFBox) โ€” CVE-2021-31812โ†—2022-04-15
โ–ถ
Oracle
Oracle Oracle Retail Applications Risk Matrix: Security (Apache PDFbox) โ€” CVE-2021-31812โ†—2022-01-15
โ–ถ
CVE-2022-31812 (HIGH CVSS 8.7) | A vulnerability has been identified | cvebase.io