NVD - CVE-2022-1292 (original) (raw)

CVE Modified by CISA-ADP 6/17/2026 12:22:09 AM

Action	Type	Old Value	New Value
Added	SSVC		{"timestamp":"2023-07-21T00:00:00+00:00","id":"CVE-2022-1292","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

CVE Modified by OpenSSL Software Foundation 6/17/2026 12:22:09 AM

Action	Type	Old Value	New Value
Added	Affected		[{"vendor":"OpenSSL","product":"OpenSSL","versions":[{"version":"Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)","status":"affected"},{"version":"Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n)","status":"affected"},{"version":"Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd)","status":"affected"}]}]

CVE Modified by CVE 8/13/2025 10:15:28 AM

Action	Type	Old Value	New Value
Added	Reference		https://gitlab.com/fraf0/cve-2022-1292-re\_score-analysis

Modified Analysis by NIST 8/11/2025 1:19:56 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Removed	CVSS V3.1	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CPE Configuration		OR cpe:2.3:a:siemens:brownfield_connectivity_gateway::::::::* versions up to (excluding) 2.15
Added	Reference Type		CVE: https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf Types: Third Party Advisory
Added	Reference Type		CVE: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 Types: Broken Link
Added	Reference Type		CVE: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb Types: Broken Link
Added	Reference Type		CVE: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 Types: Broken Link
Added	Reference Type		CVE: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ Types: Mailing List, Third Party Advisory
Added	Reference Type		CVE: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ Types: Mailing List, Third Party Advisory
Added	Reference Type		OpenSSL Software Foundation: https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf Types: Third Party Advisory
Added	Reference Type		OpenSSL Software Foundation: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 Types: Broken Link
Added	Reference Type		OpenSSL Software Foundation: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb Types: Broken Link
Added	Reference Type		OpenSSL Software Foundation: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 Types: Broken Link
Added	Reference Type		OpenSSL Software Foundation: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ Types: Mailing List, Third Party Advisory
Added	Reference Type		OpenSSL Software Foundation: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ Types: Mailing List, Third Party Advisory

CVE Modified by CISA-ADP 5/05/2025 1:17:33 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CWE		CWE-78

CVE Modified by CVE 11/21/2024 1:40:25 AM

Action	Type	New Value
Added	Reference	https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf
Added	Reference	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
Added	Reference	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb
Added	Reference	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
Added	Reference	https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html
Added	Reference	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/
Added	Reference	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/
Added	Reference	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011
Added	Reference	https://security.gentoo.org/glsa/202210-02
Added	Reference	https://security.netapp.com/advisory/ntap-20220602-0009/
Added	Reference	https://security.netapp.com/advisory/ntap-20220729-0004/
Added	Reference	https://www.debian.org/security/2022/dsa-5139
Added	Reference	https://www.openssl.org/news/secadv/20220503.txt
Added	Reference	https://www.oracle.com/security-alerts/cpujul2022.html

CVE Modified by OpenSSL Software Foundation 5/14/2024 5:55:19 AM

Action	Type	Old Value	New Value

CVE Modified by OpenSSL Software Foundation 11/06/2023 10:41:52 PM

Action	Type	Old Value	New Value
Added	Reference		OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 [No types assigned]
Added	Reference		OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb [No types assigned]
Added	Reference		OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 [No types assigned]
Added	Reference		OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ [No types assigned]
Added	Reference		OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ [No types assigned]
Removed	Reference	OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2
Removed	Reference	OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb
Removed	Reference	OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23
Removed	Reference	OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/
Removed	Reference	OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/

CVE Modified by OpenSSL Software Foundation 2/14/2023 7:15:12 AM

Action	Type	Old Value	New Value
Added	Reference		https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf [No Types Assigned]

Modified Analysis by NIST 10/21/2022 3:21:20 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:a250_firmware:-::::::: OR cpe:2.3:h:netapp:a250:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:a700s_firmware:-::::::: OR cpe:2.3:h:netapp:a700s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:aff_500f_firmware:-::::::: OR cpe:2.3:h:netapp:aff_500f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:aff_8300_firmware:-::::::: OR cpe:2.3:h:netapp:aff_8300:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:aff_8700_firmware:-::::::: OR cpe:2.3:h:netapp:aff_8700:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:aff_a400_firmware:-::::::: OR cpe:2.3:h:netapp:aff_a400:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:fabric-attached_storage_a400_firmware:-::::::: OR cpe:2.3:h:netapp:fabric-attached_storage_a400:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:fas_500f_firmware:-::::::: OR cpe:2.3:h:netapp:fas_500f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:fas_8300_firmware:-::::::: OR cpe:2.3:h:netapp:fas_8300:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:fas_8700_firmware:-::::::: OR cpe:2.3:h:netapp:fas_8700:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h300e_firmware:-::::::: OR cpe:2.3:h:netapp:h300e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h300s_firmware:-::::::: OR cpe:2.3:h:netapp:h300s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h410s_firmware:-::::::: OR cpe:2.3:h:netapp:h410s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h500e_firmware:-::::::: OR cpe:2.3:h:netapp:h500e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h500s_firmware:-::::::: OR cpe:2.3:h:netapp:h500s:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h700e_firmware:-::::::: OR cpe:2.3:h:netapp:h700e:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:netapp:h700s_firmware:-::::::: OR cpe:2.3:h:netapp:h700s:-:::::::*
Added	CPE Configuration		OR cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::* cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vsphere::* cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::* cpe:2.3:a:netapp:clustered_data_ontap:-::::::: cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-::::::: cpe:2.3:a:netapp:oncommand_insight:-::::::: cpe:2.3:a:netapp:oncommand_workflow_automation:-::::::: cpe:2.3:a:netapp:santricity_smi-s_provider:-::::::: cpe:2.3:a:netapp:smi-s_provider:-::::::: cpe:2.3:a:netapp:snapcenter:-::::::: cpe:2.3:a:netapp:snapmanager:-:::::hyper-v::* cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-::::::: cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::
Added	CPE Configuration		OR cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0::::::: cpe:2.3:a:oracle:mysql_server::::::::* versions from (including) 5.0.0 up to (including) 5.7.38 cpe:2.3:a:oracle:mysql_server::::::::* versions from (including) 8.0.0 up to (including) 8.0.29 cpe:2.3:a:oracle:mysql_workbench::::::::* versions up to (including) 8.0.29
Added	CPE Configuration		OR cpe:2.3:o:debian:debian_linux:9.0::::::: cpe:2.3:o:debian:debian_linux:10.0::::::: cpe:2.3:o:debian:debian_linux:11.0:::::::
Added	CPE Configuration		OR cpe:2.3:o:fedoraproject:fedora:35::::::: cpe:2.3:o:fedoraproject:fedora:36:::::::
Changed	Reference Type	https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html No Types Assigned	https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ Mailing List, Third Party Advisory
Changed	Reference Type	https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ No Types Assigned	https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ Mailing List, Third Party Advisory
Changed	Reference Type	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011 No Types Assigned	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011 Third Party Advisory
Changed	Reference Type	https://security.gentoo.org/glsa/202210-02 No Types Assigned	https://security.gentoo.org/glsa/202210-02 Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20220602-0009/ No Types Assigned	https://security.netapp.com/advisory/ntap-20220602-0009/ Third Party Advisory
Changed	Reference Type	https://security.netapp.com/advisory/ntap-20220729-0004/ No Types Assigned	https://security.netapp.com/advisory/ntap-20220729-0004/ Third Party Advisory
Changed	Reference Type	https://www.debian.org/security/2022/dsa-5139 No Types Assigned	https://www.debian.org/security/2022/dsa-5139 Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpujul2022.html No Types Assigned	https://www.oracle.com/security-alerts/cpujul2022.html Third Party Advisory

CVE Modified by OpenSSL Software Foundation 10/16/2022 1:15:15 PM

Action	Type	Old Value	New Value
Added	Reference		https://security.gentoo.org/glsa/202210-02 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/29/2022 4:15:09 PM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20220729-0004/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/25/2022 2:19:28 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujul2022.html [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 7/14/2022 6:15:08 PM

Action	Type	Old Value	New Value
Added	Reference		https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/29/2022 12:15:10 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/23/2022 1:15:11 PM

Action	Type	Old Value	New Value
Added	Reference		https://lists.fedoraproject.org/archives/list/[\[email protected]](/cdn-cgi/l/email-protection)/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 6/02/2022 4:15:08 PM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20220602-0009/ [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/18/2022 11:15:08 AM

Action	Type	Old Value	New Value
Added	Reference		https://www.debian.org/security/2022/dsa-5139 [No Types Assigned]

CVE Modified by OpenSSL Software Foundation 5/15/2022 12:15:09 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html [No Types Assigned]

Initial Analysis by NIST 5/11/2022 4:48:10 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CVSS V2		NIST (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Added	CWE		NIST CWE-78
Added	CPE Configuration		OR cpe:2.3:a:openssl:openssl::::::::* versions from (including) 1.0.2 up to (excluding) 1.0.2ze cpe:2.3:a:openssl:openssl::::::::* versions from (including) 1.1.1 up to (excluding) 1.1.1o cpe:2.3:a:openssl:openssl::::::::* versions from (including) 3.0.0 up to (excluding) 3.0.3
Changed	Reference Type	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 No Types Assigned	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 Mailing List, Patch, Vendor Advisory
Changed	Reference Type	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb No Types Assigned	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=548d3f280a6e737673f5b61fce24bb100108dfeb Broken Link
Changed	Reference Type	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 No Types Assigned	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23 Mailing List, Patch, Vendor Advisory
Changed	Reference Type	https://www.openssl.org/news/secadv/20220503.txt No Types Assigned	https://www.openssl.org/news/secadv/20220503.txt Vendor Advisory