CVE-2022-3090

Red Lion Controls Crimson 3.0 versions 707.000 and prior, Crimson 3.1 versions 3126.001 and prior, and Crimson 3.2 versions 3.2.0044.0 and prior are vulnerable to path traversal. When attempting to open a file using a specific path, the user's password hash is sent to an arbitrary host. This could allow an attacker to obtain user credential hashes.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01 Third Party Advisory US Government Resource
Configurations

Configuration 1

cpe:2.3:a:redlion:crimson:3.0:build_702.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_702.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_700.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_697.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_697.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_697.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_694.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_693.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_690.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_690.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_683.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_683.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_683.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_678.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_675.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_662.006:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_662.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_657.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_657.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_647.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_640.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_640.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_640.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_639.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_635.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_635.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_624.005:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_624.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_619.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_619.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_615.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_605.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_603.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_599.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_599.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_582.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_582.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_582.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_582.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_579.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_579.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_573.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_573.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_548.005:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_548.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_530.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_530.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_530.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_530.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_523.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_515.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_515.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_502.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_502.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_502.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_493.005:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_493.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_493.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_477.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_705.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_703.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:build_707.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.0:-:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:*:*:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3119.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3120.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3119.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3120.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3121.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3122.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3122.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3116.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3123.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3123.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3124.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3125.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3125.006:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3125.007:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3126.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3126.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3115.009:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3115.008:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3115.006:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3114.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3113.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3112.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3111.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3110.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3110.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3110.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3109.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3109.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3108.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3108.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3106.004:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3106.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3104.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3101.001:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.010:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.009:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.008:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.003:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.002:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:build_3100.000:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.1:-:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0044.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0041.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0040.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0036.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0031.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0035.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0030.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0025.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0026.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0021.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0020.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0016.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0015.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0014.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:build_3.2.0008.0:*:*:*:*:*:*
cpe:2.3:a:redlion:crimson:3.2:-:*:*:*:*:*:*

Information

Published : 2022-11-17 10:15

Updated : 2022-11-22 07:54


NVD link : CVE-2022-3090

Mitre link : CVE-2022-3090

Products Affected
No products.
CWE