CVE-2022-2338: Softing Secure Integration Server Cleartext Transmission of Sensitive Information
First published: Wed Aug 17 2022(Updated: )
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Softing Secure Integration Server: Version 1.22 and prior | ||
| Softing edgeConnector | =3.1 | |
| Softing edgeAggregator | =3.1 | |
| Softing OPC UA C++ Server SDK | =6 | |
| Softing OPC Suite | =5.2 | |
| Softing uaGate | =1.74 | |
| Softing edgeAggregator | =3.1 | |
| Softing edgeConnector | =3.1 | |
| Softing OPC | =5.2 | |
| Softing Opc Ua C\+\+ Software Development Kit | =6 | |
| Softing Secure Integration Server | =1.22 | |
| Softing Uagates | =1.74 |
Remedy
Softing released new versions to address these vulnerabilities and notified known users of the releases. Users are advised to update to the new versions: Softing Secure Integration Server V1.30 The latest software packages can be downloaded from the Softing website. Softing recommends the following mitigations and workarounds: Change the admin password or create a new user with administrative rights and delete the default admin user. Configure the Windows firewall to block network requests to IP port 9000. Disable the HTTP Server in NGINX configuration of the Softing Secure Integration Server, only using the HTTPS server. For more details on these vulnerabilities and mitigations, users should see SYT-2022-5 on the Softing security website.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Softing Secure Integration Server?
The vulnerability ID for Softing Secure Integration Server is CVE-2022-2338.
What is the severity of CVE-2022-2338?
The severity of CVE-2022-2338 is medium with a severity value of 5.3.
How does CVE-2022-2338 affect Softing Secure Integration Server?
CVE-2022-2338 affects Softing Secure Integration Server by allowing authentication bypass through a machine-in-the-middle attack.
How can I fix CVE-2022-2338 in Softing Secure Integration Server?
To fix CVE-2022-2338 in Softing Secure Integration Server, ensure that the administration interface is only accessible via encrypted protocols like HTTPS.
Where can I find more information about CVE-2022-2338?
You can find more information about CVE-2022-2338 on the Softing PSIRT website and the CISA ICS-CERT website.
- agent/type
- agent/references
- agent/weakness
- agent/author
- agent/description
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/event
- agent/tags
- agent/first-publish-date
- vendor/softing
- canonical/softing secure integration server: version 1.22 and prior
- canonical/softing edgeconnector
- version/softing edgeconnector/3.1
- canonical/softing edgeaggregator
- version/softing edgeaggregator/3.1
- canonical/softing opc ua c++ server sdk
- version/softing opc ua c++ server sdk/6
- canonical/softing opc suite
- version/softing opc suite/5.2
- canonical/softing uagate
- version/softing uagate/1.74
- canonical/softing opc
- version/softing opc/5.2
- canonical/softing opc ua c\+\+ software development kit
- version/softing opc ua c\+\+ software development kit/6
- canonical/softing secure integration server
- version/softing secure integration server/1.22
- canonical/softing uagates
- version/softing uagates/1.74