NVD - CVE-2021-31892

Vulnerability Change Records for CVE-2021-31892

Change History

Initial Analysis by NIST 8/09/2021 12:26:16 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_analyse_mycondition_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_analyse_mycondition:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_analyze_myperformance_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_analyze_myperformance:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_integrate_client_firmware::::::::* versions from (including) 2.00.12 up to (excluding) 2.00.18 cpe:2.3:o:siemens:sinumerik_integrate_client_firmware::::::::* versions from (including) 3.00.12 up to (excluding) 3.00.18 cpe:2.3:o:siemens:sinumerik_integrate_client_firmware::::::::* versions from (including) 4.00.15 up to (excluding) 4.00.18 OR cpe:2.3:h:siemens:sinumerik_integrate_client:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_integrate_for_production_firmware::::::::* versions up to (including) 4.1 cpe:2.3:o:siemens:sinumerik_integrate_for_production_firmware:5.1::::::: OR cpe:2.3:h:siemens:sinumerik_integrate_for_production:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_manage_mymachines_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_manage_mymachines:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_manage_myprograms_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_manage_myprograms:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_manage_myresources_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_manage_myresources:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_manage_mytools_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_manage_mytools:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_operate_firmware::::::::* versions up to (excluding) 4.8 cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:-::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp1::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp2::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp3::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp4::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp5::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp6::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.8:sp7::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:-::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_1::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_2::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_3::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_4::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_5::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.93:hotfix_6::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.94:-::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.94:hotfix_1::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.94:hotfix_2::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.94:hotfix_3::::::* cpe:2.3:o:siemens:sinumerik_operate_firmware:4.94:hotfix_4::::::* OR cpe:2.3:h:siemens:sinumerik_operate:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:siemens:sinumerik_optimize_myprogramming_firmware:-::::::: OR cpe:2.3:h:siemens:sinumerik_optimize_myprogramming:-:::::::*
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Added	CVSS V3.1		NIST AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Changed	Reference Type	https://cert-portal.siemens.com/productcert/pdf/ssa-729965.pdf No Types Assigned	https://cert-portal.siemens.com/productcert/pdf/ssa-729965.pdf Vendor Advisory
Changed	Reference Type	https://us-cert.cisa.gov/ics/advisories/icsa-21-194-04 No Types Assigned	https://us-cert.cisa.gov/ics/advisories/icsa-21-194-04 Third Party Advisory