{
  "document": {
    "title": "SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices",
    "category": "Siemens Security Advisory",
    "csaf_version": "2.0",
    "publisher": {
      "name": "Siemens ProductCERT",
      "contact_details": "productcert@siemens.com",
      "category": "vendor",
      "namespace": "https://www.siemens.com"
    },
    "distribution": {
      "text": "Disclosure is not limited.",
      "tlp": {
        "label": "WHITE"
      }
    },
    "tracking": {
      "id": "SSA-165073",
      "status": "final",
      "version": "1",
      "revision_history": [
        {
          "number": "1",
          "legacy_version": "1.0",
          "date": "2022-05-10T00:00:00Z",
          "summary": "Publication Date"
        }
      ],
      "initial_release_date": "2022-05-10T00:00:00Z",
      "current_release_date": "2022-05-10T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      }
    },
    "notes": [
      {
        "title": "Summary",
        "category": "summary",
        "text": "Multiple vulnerabilities were identified in the webserver of SICAM P850 and SICAM P855 devices. These include unauthenticated access to web-interface functionality, missing HTTPS or impersonation as well as cross-site scripting related vulnerabilities.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions."
      },
      {
        "title": "General Recommendations",
        "category": "general",
        "text": "Operators of critical power systems (e.g. TSOs or DSOs) worldwide are usually required by regulations to build resilience into the power grids by applying multi-level redundant secondary protection schemes. It is therefore recommended that the operators check whether appropriate resilient protection measures are in place. The risk of cyber incidents impacting the grid's reliability can thus be minimized by virtue of the grid design.\n\nSiemens strongly recommends applying the provided security updates using the corresponding tooling and documented procedures made available with the product. If supported by the product, an automated means to apply the security updates across multiple product instances may be used. Siemens strongly recommends prior validation of any security update before being applied, and supervision by trained staff of the update process in the target environment.\n\nAs a general security measure Siemens strongly recommends to protect network access with appropriate mechanisms (e.g. firewalls, segmentation, VPN). It is advised to configure the environment according to our operational guidelines in order to run the devices in a protected IT environment.\n\nRecommended security guidelines can be found at:\n\nhttps://www.siemens.com/gridsecurity"
      },
      {
        "title": "Additional Resources",
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories"
      },
      {
        "title": "Terms of Use",
        "category": "legal_disclaimer",
        "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use."
      }
    ],
    "references": [
      {
        "category": "self",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf",
        "summary": "SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices - PDF Version"
      },
      {
        "category": "self",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-165073.txt",
        "summary": "SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices - TXT Version"
      },
      {
        "category": "self",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-165073.json",
        "summary": "SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices - CSAF Version"
      }
    ],
    "acknowledgments": [
      {
        "names": [
          "Michael Messner"
        ],
        "organization": "Siemens Energy",
        "summary": "reporting the vulnerabilities"
      }
    ]
  },
  "product_tree": {
    "branches": [
      {
        "name": "Siemens",
        "category": "vendor",
        "branches": [
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "1",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA00-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "2",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA00-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "3",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA10-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "4",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA10-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "5",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA30-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "6",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8500-0AA30-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "7",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA01-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "8",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA01-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "9",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA02-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "10",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA02-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "11",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA11-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "12",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA11-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "13",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA12-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "14",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA12-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "15",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA31-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "16",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA31-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "17",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA32-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P850",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "18",
                  "name": "SICAM P850",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8501-0AA32-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "19",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA00-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "20",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA00-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "21",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA10-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "22",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA10-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "23",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA30-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "24",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8550-0AA30-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "25",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA01-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "26",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA01-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "27",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA02-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "28",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA02-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "29",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA11-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "30",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA11-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "31",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA12-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "32",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA12-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "33",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA31-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "34",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA31-2AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "35",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA32-0AA0"
                    ]
                  }
                }
              }
            ]
          },
          {
            "name": "SICAM P855",
            "category": "product_name",
            "branches": [
              {
                "name": "< V3.00",
                "category": "product_version_range",
                "product": {
                  "product_id": "36",
                  "name": "SICAM P855",
                  "product_identification_helper": {
                    "model_numbers": [
                      "7KG8551-0AA32-2AA0"
                    ]
                  }
                }
              }
            ]
          }
        ]
      }
    ]
  },
  "vulnerabilities": [
    {
      "title": "CVE-2022-29872",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not properly validate parameters of POST requests. This could allow an authenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device."
        }
      ],
      "cve": "CVE-2022-29872",
      "cwe": {
        "id": "CWE-141",
        "name": "Improper Neutralization of Parameter/Argument Delimiters"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29872 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29872 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29872.json",
          "summary": "CVE-2022-29872 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29873",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacker to set the device to a denial of service state or to control the program counter and, thus, execute arbitrary code on the device."
        }
      ],
      "cve": "CVE-2022-29873",
      "cwe": {
        "id": "CWE-141",
        "name": "Improper Neutralization of Parameter/Argument Delimiters"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29873 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29873 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29873.json",
          "summary": "CVE-2022-29873 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29874",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not encrypt web traffic with clients but communicate in cleartext via HTTP. This could allow an unauthenticated attacker to capture the traffic and interfere with the functionality of the device."
        }
      ],
      "cve": "CVE-2022-29874",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29874 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29874 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29874.json",
          "summary": "CVE-2022-29874 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29876",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks."
        }
      ],
      "cve": "CVE-2022-29876",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29876 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29876 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29876.json",
          "summary": "CVE-2022-29876 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29877",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the role of an authenticated administrator user."
        }
      ],
      "cve": "CVE-2022-29877",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29877 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29877 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29877.json",
          "summary": "CVE-2022-29877 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29878",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices use a limited range for challenges that are sent during the unencrypted challenge-response communication. An unauthenticated attacker could capture a valid challenge-response pair generated by a legitimate user, and request the webpage repeatedly to wait for the same challenge to reappear for which the correct response is known. This could allow the attacker to access the management interface of the device."
        }
      ],
      "cve": "CVE-2022-29878",
      "cwe": {
        "id": "CWE-294",
        "name": "Authentication Bypass by Capture-replay"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29878 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29878 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29878.json",
          "summary": "CVE-2022-29878 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29879",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow authenticated users to access critical device information."
        }
      ],
      "cve": "CVE-2022-29879",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29879 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29879 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29879.json",
          "summary": "CVE-2022-29879 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29880",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not properly validate input in the configuration interface. This could allow an authenticated attacker to place persistent XSS attacks to perform arbitrary actions in the name of a logged user which accesses the affected views."
        }
      ],
      "cve": "CVE-2022-29880",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29880 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29880 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29880.json",
          "summary": "CVE-2022-29880 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29881",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "The web based management interface of affected devices does not employ special access protection for certain internal developer views. This could allow unauthenticated users to extract internal configuration details."
        }
      ],
      "cve": "CVE-2022-29881",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29881 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29881 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29881.json",
          "summary": "CVE-2022-29881 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29882",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not handle uploaded files correctly. An unauthenticated attacker could take advantage of this situation to store an XSS attack, which could - when a legitimate user accesses the error logs - perform arbitrary actions in the name of the user."
        }
      ],
      "cve": "CVE-2022-29882",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29882 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29882 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29882.json",
          "summary": "CVE-2022-29882 Mitre 5.0 json"
        }
      ]
    },
    {
      "title": "CVE-2022-29883",
      "notes": [
        {
          "title": "Summary",
          "category": "summary",
          "text": "Affected devices do not restrict unauthenticated access to certain pages of the web interface. This could allow an attacker to delete log files without authentication."
        }
      ],
      "cve": "CVE-2022-29883",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20",
          "21",
          "22",
          "23",
          "24",
          "25",
          "26",
          "27",
          "28",
          "29",
          "30",
          "31",
          "32",
          "33",
          "34",
          "35",
          "36"
        ]
      },
      "scores": [
        {
          "cvss_v3": {
            "version": "3.1",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ]
        }
      ],
      "remediations": [
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/"
        },
        {
          "product_ids": [
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "vendor_fix",
          "details": "Update to V3.00 or later version",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/"
        },
        {
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20",
            "21",
            "22",
            "23",
            "24",
            "25",
            "26",
            "27",
            "28",
            "29",
            "30",
            "31",
            "32",
            "33",
            "34",
            "35",
            "36"
          ],
          "category": "mitigation",
          "details": "Do not access links from untrusted sources while logged in at SICAM P850 or SICAM P855 devices"
        }
      ],
      "references": [
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743594/",
          "summary": "CVE-2022-29883 - SICAM P850"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109743621/",
          "summary": "CVE-2022-29883 - SICAM P855"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-29883.json",
          "summary": "CVE-2022-29883 Mitre 5.0 json"
        }
      ]
    }
  ]
}

