VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 8, 2022· Updated Apr 21, 2025

CVE-2022-30694

CVE-2022-30694

Description

The login endpoint /FormLogin in affected web services does not apply proper origin checking.

This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.

Affected products

102
  • Siemens/SIMATIC Drive Controller CPU 1504D TFv5
    Range: All versions < V2.9.7
  • Siemens/SIMATIC Drive Controller CPU 1507D TFv5
    Range: All versions < V2.9.7
  • Siemens/SIMATIC ET 200pro IM154-8F PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIMATIC ET 200pro IM154-8FX PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIMATIC ET 200pro IM154-8 PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIMATIC ET 200S IM151-8F PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIMATIC ET 200S IM151-8 PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)v5
    Range: All versions < V21.9.7
  • Siemens/SIMATIC PC Stationv5
    Range: All versions >= V2.1
  • Siemens/SIMATIC S7-1200 CPU family (incl. SIPLUS variants)v5
    Range: All versions < V4.6.0
  • Siemens Foundation/Simatic S7 1511 1 Pn CPUcpe-rescue10 versions
    All versions < V2.9.7+ 9 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1513 1 Pn CPUcpe-rescue3 versions
    All versions < V2.9.7+ 2 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1515 2 Pn CPUcpe-rescue7 versions
    All versions < V2.9.7+ 6 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1516 3 Pn\/dp CPUcpe-rescue9 versions
    All versions < V2.9.7+ 8 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1516f 3 Pn\/dp CPUcpe-rescue2 versions
    All versions < V2.9.7+ 1 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1518 4 Pn\/dp CPUcpe-rescue6 versions
    All versions < V3.0.1+ 5 more
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1518f 4 Pn\/dp CPUcpe-rescue3 versions
    All versions < V3.0.1+ 2 more
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V2.9.7
  • Siemens/SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PNv5
    Range: All versions < V2.9.7
  • Siemens Foundation/Simatic S7 1500 Software Controllercpe-rescue
    Range: All versions < V21.9.7
  • Siemens Foundation/Simatic S7 300 CPUcpe-rescue5 versions
    All versions < V3.3.19+ 4 more
    • (no CPE)range: All versions < V3.3.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
  • Siemens Foundation/Simatic S7 400 CPU 414 3 Pn\/dpcpe-rescue5 versions
    All versions < V3.2.19+ 4 more
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
    • (no CPE)range: All versions < V3.2.19
  • Siemens/SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)v5
    Range: All versions
  • Siemens/SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)v5
    Range: All versions
  • Siemens Foundation/SIMATIC S7-PLCSIM V17cpe-rescue
    Range: All versions < V5.0
  • Siemens Foundation/Wincc Runtime Advancedcpe-rescue
    Range: All versions < V17 Update 5
  • Siemens Foundation/SINUMERIK ONEcpe-rescue
    Range: All versions < V6.22
  • Siemens/SIPLUS ET 200S IM151-8F PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIPLUS ET 200S IM151-8 PN/DP CPUv5
    Range: All versions < V3.2.19
  • Siemens/SIPLUS ET 200SP CPU 1510SP-1 PNv5
    Range: All versions < V2.9.7
  • Siemens Foundation/SIPLUS ET 200SP CP 1542SP-1 IRC TX RAILcpe-rescue3 versions
    All versions < V2.9.7+ 2 more
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
    • (no CPE)range: All versions < V2.9.7
  • Siemens/SIPLUS ET 200SP CPU 1510SP F-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS ET 200SP CPU 1510SP F-1 PN RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS ET 200SP CPU 1512SP-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS ET 200SP CPU 1512SP F-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1511-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1511-1 PN T1 RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1511-1 PN TX RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1511F-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1513-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1513F-1 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1515F-2 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1515F-2 PN RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1515F-2 PN T2 RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1515R-2 PNv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1515R-2 PN TX RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1516-3 PN/DP RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1516F-3 PN/DP RAILv5
    Range: All versions < V2.9.7
  • Siemens/SIPLUS S7-1500 CPU 1517H-3 PNv5
    Range: All versions < V3.0.1
  • Siemens Foundation/Siplus S7 1500 CPU 1518 4 Pn\/dp Mfp Firmwarecpe-rescue4 versions
    All versions < V3.0.1+ 3 more
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
    • (no CPE)range: All versions < V3.0.1
  • Siemens/SIPLUS S7-300 CPU 314C-2 PN/DPv5
    Range: All versions < V3.3.19
  • Siemens/SIPLUS S7-300 CPU 315-2 PN/DPv5
    Range: All versions < V3.2.19
  • Siemens/SIPLUS S7-300 CPU 315F-2 PN/DPv5
    Range: All versions < V3.2.19
  • Siemens/SIPLUS S7-300 CPU 317-2 PN/DPv5
    Range: All versions < V3.2.19
  • Siemens/SIPLUS S7-300 CPU 317F-2 PN/DPv5
    Range: All versions < V3.2.19

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.