Vulnerability in Yokogawa Centum_cs_3000
CVE-2022-22151
CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04…
EPSS: 0.008 (51.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.
Affected products
- Yokogawa Centum_cs_3000
- Yokogawa Centum_cs_3000_entry
- Yokogawa Centum_cs_3000_entry_firmware
- Yokogawa Centum_cs_3000_firmware
- Yokogawa Centum_vp
- Yokogawa Centum_vp_entry
- Yokogawa Centum_vp_entry_firmware
- Yokogawa Centum_vp_firmware
- Yokogawa Exaopc
- Yokogawa Electric Corporation Centum Cs 3000 — versions versions from R3.08.10 to R3.09.00
Weakness classification (CWE)
References
- vultures@jpcert.or.jp (x_refsource_CONFIRM, Mitigation, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-22151?
- CVE-2022-22151 is a high-severity vulnerability in Yokogawa Centum_cs_3000, classified under Improper Output Neutralization for Logs. CVSS score: 8.1/10. Published 2022-03-11.
- How severe is CVE-2022-22151?
- High severity. CVSS v3 base score is 8.1 out of 10.