Show plain JSON{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-46345", "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "dateUpdated": "2024-08-03T14:31:46.241Z", "dateReserved": "2022-11-30T00:00:00", "datePublished": "2022-12-13T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2023-03-14T09:31:10.275Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070)"}], "affected": [{"vendor": "Siemens", "product": "Parasolid V33.1", "versions": [{"version": "All versions < V33.1.264", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Parasolid V34.0", "versions": [{"version": "All versions < V34.0.252", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Parasolid V34.1", "versions": [{"version": "All versions < V34.1.242", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Parasolid V35.0", "versions": [{"version": "All versions < V35.0.170", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Solid Edge SE2022", "versions": [{"version": "All versions < V222.0MP12", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Solid Edge SE2022", "versions": [{"version": "All versions", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Solid Edge SE2023", "versions": [{"version": "All versions < V223.0Update2", "status": "affected"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "type": "CWE"}]}], "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf"}]}, "adp": [{"affected": [{"vendor": "siemens", "product": "parasolid", "cpes": ["cpe:2.3:a:siemens:parasolid:33.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "33.1", "status": "affected", "lessThan": "33.1.264", "versionType": "custom"}]}, {"vendor": "siemens", "product": "solid_edge", "cpes": ["cpe:2.3:a:siemens:solid_edge:se2022:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "se2022", "status": "affected", "lessThan": "v223.0", "versionType": "custom"}]}, {"vendor": "siemens", "product": "parasolid", "cpes": ["cpe:2.3:a:siemens:parasolid:34.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.1", "status": "affected", "lessThan": "34.1.242", "versionType": "custom"}]}, {"vendor": "siemens", "product": "parasolid", "cpes": ["cpe:2.3:a:siemens:parasolid:35.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "35.0", "status": "affected", "lessThan": "35.0.170", "versionType": "custom"}]}, {"vendor": "siemens", "product": "parasolid", "cpes": ["cpe:2.3:a:siemens:parasolid:34.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "34.0", "status": "affected", "lessThan": "34.0.252", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-14T13:00:20.745055Z", "id": "CVE-2022-46345", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-05T19:22:59.367Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T14:31:46.241Z"}, "title": "CVE Program Container", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-588101.pdf", "tags": ["x_transferred"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491245.pdf", "tags": ["x_transferred"]}]}]}}