Path Traversal in Yokogawa Centum_cs_3000
CVE-2022-21808
Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, a…
EPSS: 0.010 (59.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Yokogawa Centum_cs_3000
- Yokogawa Centum_cs_3000_entry
- Yokogawa Centum_cs_3000_entry_firmware
- Yokogawa Centum_cs_3000_firmware
- Yokogawa Centum_vp
- Yokogawa Centum_vp_entry
- Yokogawa Centum_vp_entry_firmware
- Yokogawa Centum_vp_firmware
- Yokogawa Exaopc
- Yokogawa Electric Corporation Centum Cs 3000 — versions versions from R3.08.10 to R3.09.00
Weakness classification (CWE)
References
- vultures@jpcert.or.jp (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-21808?
- CVE-2022-21808 is a high-severity vulnerability in Yokogawa Centum_cs_3000, classified under Relative Path Traversal. CVSS score: 8.8/10. Published 2022-03-11.
- How severe is CVE-2022-21808?
- High severity. CVSS v3 base score is 8.8 out of 10.