Vulnerability Description
Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yokogawa | Centum Cs 3000 Firmware | >= r3.08.10, <= r3.09.00 |
| Yokogawa | Centum Cs 3000 | - |
| Yokogawa | Centum Cs 3000 Entry Firmware | >= r3.08.10, <= r3.09.00 |
| Yokogawa | Centum Cs 3000 Entry | - |
| Yokogawa | Centum Vp Firmware | >= r4.01.00, <= r4.03.00 |
| Yokogawa | Centum Vp | - |
| Yokogawa | Centum Vp Entry Firmware | >= r4.01.00, <= r4.03.00 |
| Yokogawa | Centum Vp Entry | - |
| Yokogawa | Exaopc | >= r3.72.00, < r3.80.00 |
Related Weaknesses (CWE)
References
- https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdfVendor Advisory
- https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdfVendor Advisory
FAQ
What is CVE-2022-21808?
CVE-2022-21808 is a vulnerability with a CVSS score of 8.8 (HIGH). Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to...
How severe is CVE-2022-21808?
CVE-2022-21808 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21808?
Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Centum Cs 3000 Firmware, Yokogawa Centum Cs 3000, Yokogawa Centum Cs 3000 Entry Firmware, Yokogawa Centum Cs 3000 Entry, Yokogawa Centum Vp Firmware.