CVE-2022-30707

MITRE NVD CVE.ORG Print: PDF PDF

Summary

CVECVE-2022-30707
StatePUBLIC
Assigner[email protected]
Source PriorityCVE Program / NVD first with legacy fallback
Published2022-06-28 13:15:00 UTC
Updated2023-08-08 14:21:00 UTC
DescriptionViolation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01). If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to a disabling of CAMS for HIS software functions on any affected machines, or information disclosure/alteration.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

TypeVendorProductVersionUpdateEditionLanguage
Application Yokogawa B/m9000cs All All All All
Application Yokogawa B/m9000 Vp All All All All
Hardware Yokogawa Centum Cs 3000 - All All All
Hardware Yokogawa Centum Cs 3000 Entry Class - All All All
Operating System Yokogawa Centum Cs 3000 Entry Class Firmware All All All All
Operating System Yokogawa Centum Cs 3000 Firmware All All All All
Hardware Yokogawa Centum Vp - All All All
Hardware Yokogawa Centum Vp Entry Class - All All All
Operating System Yokogawa Centum Vp Entry Class Firmware All All All All
Operating System Yokogawa Centum Vp Entry Class Firmware All All All All
Operating System Yokogawa Centum Vp Entry Class Firmware All All All All
Operating System Yokogawa Centum Vp Firmware All All All All
Operating System Yokogawa Centum Vp Firmware All All All All
Operating System Yokogawa Centum Vp Firmware All All All All
Application Yokogawa Exaopc All All All All

References

ReferenceSourceLinkTags
web-material3.yokogawa.com/1/32780/files/YSAR-22-0006-E.pdf MISC web-material3.yokogawa.com
Yokogawa CAMS for HIS | CISA MISC www.cisa.gov
web-material3.yokogawa.com/19/32780/files/YSAR-22-0006-J.pdf MISC web-material3.yokogawa.com
JVNVU#92819891: CAMS for HISの通信の設計に不備 MISC jvn.jp
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report