CVE-2022-43400
First published: Fri Oct 21 2022(Updated: )
A vulnerability has been identified in Siveillance Video Mobile Server V2022 R2 (All versions < V22.2a (80)). The mobile server component of affected applications improperly handles the log in for Active Directory accounts that are part of Administrators group. This could allow an unauthenticated remote attacker to access the application without a valid account.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Siveillance Video Mobile Server | <22.2a\(80\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-43400?
CVE-2022-43400 is considered a critical vulnerability due to unauthorized access risks.
How do I fix CVE-2022-43400?
To fix CVE-2022-43400, upgrade to Siemens Siveillance Video Mobile Server version 22.2a or higher.
What types of accounts are affected by CVE-2022-43400?
CVE-2022-43400 affects Active Directory accounts that are part of the Administrators group.
Can CVE-2022-43400 be exploited by an authenticated user?
No, CVE-2022-43400 can be exploited by an unauthenticated user, making it particularly dangerous.
What systems are vulnerable to CVE-2022-43400?
All versions of Siemens Siveillance Video Mobile Server prior to version 22.2a(80) are vulnerable to CVE-2022-43400.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/references
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/siemens
- canonical/siemens siveillance video mobile server