Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-4842 (GCVE-0-2018-4842)
Vulnerability from cvelistv5
Published
2018-06-14 00:00
Modified
2024-08-05 05:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) |
Version: All versions < V5.4.1 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:18:26.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104494",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/104494"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.4.1"
}
]
},
{
"product": "SCALANCE X-200RNA switch family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.7"
}
]
},
{
"product": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.1.3"
}
]
}
],
"datePublic": "2018-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"name": "104494",
"tags": [
"vdb-entry"
],
"url": "https://www.securityfocus.com/bid/104494"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2018-4842",
"datePublished": "2018-06-14T00:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:18:26.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-4842\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2018-06-14T16:29:00.397\",\"lastModified\":\"2024-11-21T04:07:33.950\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en la familia de conmutadores SCALANCE X-200IRT (incluidas las variantes SIPLUS NET) (todas las versiones inferiores a la versi\u00f3n V5.4.1), la familia de conmutadores SCALANCE X-300 (incluidas las variantes X408 y SIPLUS NET) (todas las versiones inferiores a la versi\u00f3n V4.1.3 ) Un atacante remoto y autenticado con acceso al servidor web de configuraci\u00f3n podr\u00eda almacenar el c\u00f3digo del script en el sitio web, si la opci\u00f3n de redundancia HRP est\u00e1 configurada. Este c\u00f3digo podr\u00eda ejecutarse en el navegador web de las v\u00edctimas que visitan este sitio web (XSS), afectando su confidencialidad, integridad y disponibilidad. La interacci\u00f3n del usuario es necesaria para una explotaci\u00f3n exitosa, ya que el usuario debe visitar el sitio web manipulado. En la etapa de publicaci\u00f3n de este aviso de seguridad no se conoce explotaci\u00f3n p\u00fablica. El proveedor ha confirmado la vulnerabilidad y proporciona mitigaciones para resolverla.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.7,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.4.1\",\"matchCriteriaId\":\"7AA7D616-B6B3-4883-9EC2-ED08C8F22D99\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAF3DA7A-6B80-4F20-835F-BF071197D1B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E05BF7A-928C-4BF3-963F-7168037DFD51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3F6299B-D7E3-4750-B016-7DCBC83C2287\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.2.3\",\"matchCriteriaId\":\"82699DAE-653E-4892-AABE-BD7EB0D08224\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A59C91EA-5D1B-4970-8C36-BD76BA420B12\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/104494\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/104494\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
gsd-2018-4842
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-4842",
"description": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",
"id": "GSD-2018-4842"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-4842"
],
"details": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",
"id": "GSD-2018-4842",
"modified": "2023-12-13T01:22:28.685250Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.4.1"
}
]
}
},
{
"product_name": "SCALANCE X-200RNA switch family",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2.7"
}
]
}
},
{
"product_name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.1.3"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104494",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/104494"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.2.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4842"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"name": "104494",
"refsource": "BID",
"tags": [],
"url": "https://www.securityfocus.com/bid/104494"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
},
"lastModifiedDate": "2022-12-13T17:15Z",
"publishedDate": "2018-06-14T16:29Z"
}
}
}
cnvd-2018-11389
Vulnerability from cnvd
Title
Siemens SCALANCE X Switches跨站脚本漏洞
Description
Siemens SCALANCE X Switches是德国西门子(Siemens)公司的一款工业以太网交换机产品。
Siemens SCALANCE X Switches存在跨站脚本漏洞,如果设置了HRP冗余选项,则可以访问配置Web服务器的远程认证攻击者可以在网站上存储脚本代码,此代码可以在访问本网站(XSS)的用户的Web浏览器中执行,影响其机密性,完整性和可用性。
Severity
中
VLAI Severity ?
Patch Name
Siemens SCALANCE X Switches跨站脚本漏洞的补丁
Patch Description
Siemens SCALANCE X Switches是德国西门子(Siemens)公司的一款工业以太网交换机产品。
Siemens SCALANCE X Switches存在跨站脚本漏洞,如果设置了HRP冗余选项,则可以访问配置Web服务器的远程认证攻击者可以在网站上存储脚本代码,此代码可以在访问本网站(XSS)的用户的Web浏览器中执行,影响其机密性,完整性和可用性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://support.industry.siemens.com/cs/de/en/view/109758144
Reference
https://ics-cert.us-cert.gov/advisories/ICSA-18-163-02
Impacted products
| Name | ['SIEMENS SCALANCE X300', 'SIEMENS SCALANCE X-200 IRT <5.4.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-4842"
}
},
"description": "Siemens SCALANCE X Switches\u662f\u5fb7\u56fd\u897f\u95e8\u5b50(Siemens)\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u4ee5\u592a\u7f51\u4ea4\u6362\u673a\u4ea7\u54c1\u3002\r\n\r\nSiemens SCALANCE X Switches\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u5982\u679c\u8bbe\u7f6e\u4e86HRP\u5197\u4f59\u9009\u9879\uff0c\u5219\u53ef\u4ee5\u8bbf\u95ee\u914d\u7f6eWeb\u670d\u52a1\u5668\u7684\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u4ee5\u5728\u7f51\u7ad9\u4e0a\u5b58\u50a8\u811a\u672c\u4ee3\u7801\uff0c\u6b64\u4ee3\u7801\u53ef\u4ee5\u5728\u8bbf\u95ee\u672c\u7f51\u7ad9\uff08XSS\uff09\u7684\u7528\u6237\u7684Web\u6d4f\u89c8\u5668\u4e2d\u6267\u884c\uff0c\u5f71\u54cd\u5176\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u3002",
"discovererName": "Ali Abbasi",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://support.industry.siemens.com/cs/de/en/view/109758144",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-11389",
"openTime": "2018-06-13",
"patchDescription": "Siemens SCALANCE X Switches\u662f\u5fb7\u56fd\u897f\u95e8\u5b50(Siemens)\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u4ee5\u592a\u7f51\u4ea4\u6362\u673a\u4ea7\u54c1\u3002\r\n\r\nSiemens SCALANCE X Switches\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u5982\u679c\u8bbe\u7f6e\u4e86HRP\u5197\u4f59\u9009\u9879\uff0c\u5219\u53ef\u4ee5\u8bbf\u95ee\u914d\u7f6eWeb\u670d\u52a1\u5668\u7684\u8fdc\u7a0b\u8ba4\u8bc1\u653b\u51fb\u8005\u53ef\u4ee5\u5728\u7f51\u7ad9\u4e0a\u5b58\u50a8\u811a\u672c\u4ee3\u7801\uff0c\u6b64\u4ee3\u7801\u53ef\u4ee5\u5728\u8bbf\u95ee\u672c\u7f51\u7ad9\uff08XSS\uff09\u7684\u7528\u6237\u7684Web\u6d4f\u89c8\u5668\u4e2d\u6267\u884c\uff0c\u5f71\u54cd\u5176\u673a\u5bc6\u6027\uff0c\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SCALANCE X Switches\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"SIEMENS SCALANCE X300",
"SIEMENS SCALANCE X-200 IRT \u003c5.4.1"
]
},
"referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-163-02",
"serverity": "\u4e2d",
"submitTime": "2018-06-13",
"title": "Siemens SCALANCE X Switches\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}
var-201806-1770
Vulnerability from variot
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it. plural SCALANCE The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. SiemensSCALANCEXSwitches is an industrial Ethernet switch from Siemens AG. There is a cross-site scripting vulnerability in SiemensSCALANCEXSwitches. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. The following products and versions are vulnerable: Versions prior to SCALANCE X-200 5.2.3 Versions prior to SCALANCE X-200 IRT 5.4.1 SCALANCE X300
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1770",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance x300",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.2.3"
},
{
"model": "scalance x200irt",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.4.1"
},
{
"model": "scalance x-300",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance x200 irt",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "5.4.1"
},
{
"model": "scalance x200",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x300"
},
{
"model": "scalance irt",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "x-200\u003c5.4.1"
},
{
"model": "scalance x200irt",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "5.0.0"
},
{
"model": "scalance x200irt",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "5.1.0"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x3000"
},
{
"model": "scalance irt",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2000"
},
{
"model": "scalance",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2004.5"
},
{
"model": "scalance irt",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2005.4.1"
},
{
"model": "scalance",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "x-2005.2.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x200irt",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x300",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scalance x200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:siemens:scalance_x-300",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marius Rothenb\u00fccher and Ali Abbasi",
"sources": [
{
"db": "BID",
"id": "104494"
}
],
"trust": 0.3
},
"cve": "CVE-2018-4842",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2018-4842",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-11389",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-134873",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.7,
"id": "CVE-2018-4842",
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-4842",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2018-4842",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-11389",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-874",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-134873",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "VULHUB",
"id": "VHN-134873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it. plural SCALANCE The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. SiemensSCALANCEXSwitches is an industrial Ethernet switch from Siemens AG. There is a cross-site scripting vulnerability in SiemensSCALANCEXSwitches. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. \nThe following products and versions are vulnerable:\nVersions prior to SCALANCE X-200 5.2.3\nVersions prior to SCALANCE X-200 IRT 5.4.1\nSCALANCE X300",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4842"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-134873"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4842",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-163-02",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-480829",
"trust": 2.0
},
{
"db": "BID",
"id": "104494",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-11389",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F35721-39AB-11E9-8D5A-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-134873",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "VULHUB",
"id": "VHN-134873"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"id": "VAR-201806-1770",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "VULHUB",
"id": "VHN-134873"
}
],
"trust": 1.4566514000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
}
]
},
"last_update_date": "2024-11-23T21:53:00.330000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-480829",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"title": "Patch for SiemensSCALANCEXSwitches cross-site scripting vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/131837"
},
{
"title": "Siemens SCALANCE X-200 IRT and SCALANCE X300 Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=80922"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134873"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-163-02"
},
{
"trust": 1.7,
"url": "https://www.securityfocus.com/bid/104494"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4842"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4842"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-18-163-02"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "VULHUB",
"id": "VHN-134873"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"db": "VULHUB",
"id": "VHN-134873"
},
{
"db": "BID",
"id": "104494"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"date": "2018-06-14T00:00:00",
"db": "VULHUB",
"id": "VHN-134873"
},
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104494"
},
{
"date": "2018-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"date": "2018-06-14T16:29:00.397000",
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11389"
},
{
"date": "2022-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-134873"
},
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104494"
},
{
"date": "2018-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006544"
},
{
"date": "2022-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-874"
},
{
"date": "2024-11-21T04:07:33.950000",
"db": "NVD",
"id": "CVE-2018-4842"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SCALANCE X Switches Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2f35721-39ab-11e9-8d5a-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11389"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-874"
}
],
"trust": 0.6
}
}
fkie_cve-2018-4842
Vulnerability from fkie_nvd
Published
2018-06-14 16:29
Modified
2024-11-21 04:07
Severity ?
Summary
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-200RNA switch family (All versions < V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf | Mitigation, Vendor Advisory | |
| productcert@siemens.com | https://www.securityfocus.com/bid/104494 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/104494 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | scalance_x200irt_firmware | * | |
| siemens | scalance_x200_irt | - | |
| siemens | scalance_x300_firmware | - | |
| siemens | scalance_x300 | - | |
| siemens | scalance_x200_firmware | * | |
| siemens | scalance_x200 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_x200irt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA7D616-B6B3-4883-9EC2-ED08C8F22D99",
"versionEndExcluding": "5.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_x200_irt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF3DA7A-6B80-4F20-835F-BF071197D1B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_x300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E05BF7A-928C-4BF3-963F-7168037DFD51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_x300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F6299B-D7E3-4750-B016-7DCBC83C2287",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_x200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82699DAE-653E-4892-AABE-BD7EB0D08224",
"versionEndExcluding": "5.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_x200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A59C91EA-5D1B-4970-8C36-BD76BA420B12",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-200RNA switch family (All versions \u003c V3.2.7), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en la familia de conmutadores SCALANCE X-200IRT (incluidas las variantes SIPLUS NET) (todas las versiones inferiores a la versi\u00f3n V5.4.1), la familia de conmutadores SCALANCE X-300 (incluidas las variantes X408 y SIPLUS NET) (todas las versiones inferiores a la versi\u00f3n V4.1.3 ) Un atacante remoto y autenticado con acceso al servidor web de configuraci\u00f3n podr\u00eda almacenar el c\u00f3digo del script en el sitio web, si la opci\u00f3n de redundancia HRP est\u00e1 configurada. Este c\u00f3digo podr\u00eda ejecutarse en el navegador web de las v\u00edctimas que visitan este sitio web (XSS), afectando su confidencialidad, integridad y disponibilidad. La interacci\u00f3n del usuario es necesaria para una explotaci\u00f3n exitosa, ya que el usuario debe visitar el sitio web manipulado. En la etapa de publicaci\u00f3n de este aviso de seguridad no se conoce explotaci\u00f3n p\u00fablica. El proveedor ha confirmado la vulnerabilidad y proporciona mitigaciones para resolverla."
}
],
"id": "CVE-2018-4842",
"lastModified": "2024-11-21T04:07:33.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-14T16:29:00.397",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"source": "productcert@siemens.com",
"url": "https://www.securityfocus.com/bid/104494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.securityfocus.com/bid/104494"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ICSA-18-163-02
Vulnerability from csaf_cisa
Published
2018-06-12 00:00
Modified
2022-12-13 00:00
Summary
Siemens SCALANCE X Switches (Update A)
Notes
Summary
Two cross-site scripting (XSS) vulnerabilities were identified in the web server of several SCALANCE X switches.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at:
https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
},
{
"names": [
"Marius Rothenb\u00fccher"
],
"summary": "coordinating disclosure of CVE-2018-4842"
},
{
"names": [
"Ali Abbasi"
],
"summary": "coordinating disclosure of CVE-2018-4848"
},
{
"names": [
"Artem Zinenko"
],
"organization": "Kaspersky",
"summary": "pointing out that SIPLUS should also be mentioned"
},
{
"organization": "KraftCERT",
"summary": "coordination efforts"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "Two cross-site scripting (XSS) vulnerabilities were identified in the web server of several SCALANCE X switches.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json"
},
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-480829.txt"
},
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-163-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-163-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-163-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-163-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SCALANCE X Switches (Update A)",
"tracking": {
"current_release_date": "2022-12-13T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-163-02",
"initial_release_date": "2018-06-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-06-12T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2020-01-14T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "SIPLUS devices now explicitly mentioned in the list of affected products; added update information for SCALANCE X-300/X408"
},
{
"date": "2022-12-13T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added SCALANCE X-200RNA switch family"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.2.3",
"product": {
"name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.4.1",
"product": {
"name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.2.7",
"product": {
"name": "SCALANCE X-200RNA switch family",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200RNA switch family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.1.3",
"product": {
"name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4842",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A remote, authenticated attacker with access to the configuration web\nserver could be able to store script code on the web site, if the HRP redundancy \noption is set. This code could be executed in the web browser of victims visiting \nthis web site (XSS), affecting its confidentiality, integrity and availability. \n\nUser interaction is required for successful exploitation, as the user needs\nto visit the manipulated web site. At the stage of publishing this security\nadvisory no public exploitation is known. The vendor has confirmed the\nvulnerability and provides mitigations to resolve it.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "To exploit CVE-2018-4842, the attacker needs to be able to log into the administrative web application.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To exploit CVE-2018-4848 the attacker must trick the user to click on a link while being logged in.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.4.1 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758144/"
},
{
"category": "vendor_fix",
"details": "Update to V4.1.3 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/document/109773547/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.7 or later version",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2018-4842"
},
{
"cve": "CVE-2018-4848",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"notes": [
{
"category": "summary",
"text": "The integrated configuration web server of the affected devices could allow\nCross-Site Scripting (XSS) attacks if unsuspecting users are tricked into\naccessing a malicious link.\n\nUser interaction is required for a successful exploitation. The user must \nbe logged into the web interface in order for the exploitation to succeed.\nAt the stage of publishing this security advisory no public exploitation is known.\nThe vendor has confirmed the vulnerability and provides mitigations to resolve it.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "To exploit CVE-2018-4842, the attacker needs to be able to log into the administrative web application.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To exploit CVE-2018-4848 the attacker must trick the user to click on a link while being logged in.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.2.3 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758142/"
},
{
"category": "vendor_fix",
"details": "Update to V5.4.1 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758144/"
},
{
"category": "vendor_fix",
"details": "Update to V4.1.3 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/document/109773547/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.7 or later version",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2018-4848"
}
]
}
icsa-18-163-02
Vulnerability from csaf_cisa
Published
2018-06-12 00:00
Modified
2022-12-13 00:00
Summary
Siemens SCALANCE X Switches (Update A)
Notes
Summary
Two cross-site scripting (XSS) vulnerabilities were identified in the web server of several SCALANCE X switches.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at:
https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
},
{
"names": [
"Marius Rothenb\u00fccher"
],
"summary": "coordinating disclosure of CVE-2018-4842"
},
{
"names": [
"Ali Abbasi"
],
"summary": "coordinating disclosure of CVE-2018-4848"
},
{
"names": [
"Artem Zinenko"
],
"organization": "Kaspersky",
"summary": "pointing out that SIPLUS should also be mentioned"
},
{
"organization": "KraftCERT",
"summary": "coordination efforts"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "Two cross-site scripting (XSS) vulnerabilities were identified in the web server of several SCALANCE X switches.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: \nhttps://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-480829.json"
},
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-480829.txt"
},
{
"category": "self",
"summary": "SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-163-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-163-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-163-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-163-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SCALANCE X Switches (Update A)",
"tracking": {
"current_release_date": "2022-12-13T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-163-02",
"initial_release_date": "2018-06-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-06-12T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2020-01-14T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "SIPLUS devices now explicitly mentioned in the list of affected products; added update information for SCALANCE X-300/X408"
},
{
"date": "2022-12-13T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added SCALANCE X-200RNA switch family"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.2.3",
"product": {
"name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200 switch family (incl. SIPLUS NET variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.4.1",
"product": {
"name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200IRT switch family (incl. SIPLUS NET variants)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.2.7",
"product": {
"name": "SCALANCE X-200RNA switch family",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SCALANCE X-200RNA switch family"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.1.3",
"product": {
"name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4842",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A remote, authenticated attacker with access to the configuration web\nserver could be able to store script code on the web site, if the HRP redundancy \noption is set. This code could be executed in the web browser of victims visiting \nthis web site (XSS), affecting its confidentiality, integrity and availability. \n\nUser interaction is required for successful exploitation, as the user needs\nto visit the manipulated web site. At the stage of publishing this security\nadvisory no public exploitation is known. The vendor has confirmed the\nvulnerability and provides mitigations to resolve it.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "To exploit CVE-2018-4842, the attacker needs to be able to log into the administrative web application.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To exploit CVE-2018-4848 the attacker must trick the user to click on a link while being logged in.",
"product_ids": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.4.1 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758144/"
},
{
"category": "vendor_fix",
"details": "Update to V4.1.3 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/document/109773547/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.7 or later version",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2018-4842"
},
{
"cve": "CVE-2018-4848",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"notes": [
{
"category": "summary",
"text": "The integrated configuration web server of the affected devices could allow\nCross-Site Scripting (XSS) attacks if unsuspecting users are tricked into\naccessing a malicious link.\n\nUser interaction is required for a successful exploitation. The user must \nbe logged into the web interface in order for the exploitation to succeed.\nAt the stage of publishing this security advisory no public exploitation is known.\nThe vendor has confirmed the vulnerability and provides mitigations to resolve it.\n",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"remediations": [
{
"category": "mitigation",
"details": "To exploit CVE-2018-4842, the attacker needs to be able to log into the administrative web application.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To exploit CVE-2018-4848 the attacker must trick the user to click on a link while being logged in.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Update to V5.2.3 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758142/"
},
{
"category": "vendor_fix",
"details": "Update to V5.4.1 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109758144/"
},
{
"category": "vendor_fix",
"details": "Update to V4.1.3 or later version",
"product_ids": [
"CSAFPID-0004"
],
"url": "https://support.industry.siemens.com/cs/document/109773547/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.7 or later version",
"product_ids": [
"CSAFPID-0003"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814809/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
],
"title": "CVE-2018-4848"
}
]
}
CERTFR-2018-AVI-279
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | Desigo CC / Cerberus DMS versions V1.1, V2.0, V2.1 et V3.0 sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo XWP versions V6.1 et antérieures sans le dernier correctif de sécurité | ||
| Siemens | N/A | Annual Shading versions V1.0.4 et V1.1 sans le dernier correctif de sécurité | ||
| Siemens | N/A | License Management System (LMS) versions 2.1 et antérieures sans le dernier correctif de sécurité | ||
| Siemens | N/A | SCALANCE M875 | ||
| Siemens | N/A | SCALANCE X-200 versions antérieures à V5.2.3 | ||
| Siemens | N/A | RAPIDLab série 1200 versions antérieures à V3.3 | ||
| Siemens | N/A | Siveillance Identity version V1.1 sans le dernier correctif de sécurité | ||
| Siemens | N/A | SCALANCE X-200 IRT versions antérieures à V5.4.1 | ||
| Siemens | N/A | Desigo ABT versions V3.1.0, V3.0.1 et antérieures sans le dernier correctif de sécurité | ||
| Siemens | N/A | SiteIQ Analytics versions V1.1, V1.2 et V1.3 sans le dernier correctif de sécurité | ||
| Siemens | N/A | Desigo Configuration Manager (DCM) versions V6.1 SP2 et antérieures, V6.0 SP1 et antérieures, sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Desigo CC / Cerberus DMS versions V1.1, V2.0, V2.1 et V3.0 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo XWP versions V6.1 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Annual Shading versions V1.0.4 et V1.1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "License Management System (LMS) versions 2.1 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE M875",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X-200 versions ant\u00e9rieures \u00e0 V5.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RAPIDLab s\u00e9rie 1200 versions ant\u00e9rieures \u00e0 V3.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Identity version V1.1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X-200 IRT versions ant\u00e9rieures \u00e0 V5.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo ABT versions V3.1.0, V3.0.1 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SiteIQ Analytics versions V1.1, V1.2 et V1.3 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Desigo Configuration Manager (DCM) versions V6.1 SP2 et ant\u00e9rieures, V6.0 SP1 et ant\u00e9rieures, sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-4861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4861"
},
{
"name": "CVE-2018-4846",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4846"
},
{
"name": "CVE-2018-6305",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6305"
},
{
"name": "CVE-2018-4845",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4845"
},
{
"name": "CVE-2018-8900",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8900"
},
{
"name": "CVE-2018-4842",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4842"
},
{
"name": "CVE-2018-4860",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4860"
},
{
"name": "CVE-2018-4833",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4833"
},
{
"name": "CVE-2018-11449",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11449"
},
{
"name": "CVE-2018-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11447"
},
{
"name": "CVE-2018-11448",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11448"
},
{
"name": "CVE-2018-4859",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4859"
},
{
"name": "CVE-2018-6304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6304"
},
{
"name": "CVE-2018-4848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4848"
}
],
"initial_release_date": "2018-06-12T00:00:00",
"last_revision_date": "2018-06-12T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-279",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-06-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA ssa-755010 Siemens du 12 juin 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA ssa-480829 Siemens du 12 juin 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA ssa-977428 Siemens du 12 juin 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA ssa-181018 Siemens du 12 juin 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA ssa-566773 Siemens du 12 juin 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566773.pdf"
}
]
}
CERTFR-2022-AVI-1094
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) versions antérieures à V3.0.1 | ||
| Siemens | N/A | SIPROTEC 5, pour plus d'informations, veuillez-vous référer aux avis éditeur : https://cert-portal.siemens.com/productcert/html/ssa-552874.html et https://cert-portal.siemens.com/productcert/html/ssa-223771.html | ||
| Siemens | N/A | Teamcenter Visualization V13.2.x antérieures à V13.2.0.12 | ||
| Siemens | N/A | TALON TC Series (BACnet) versions antérieures à V3.5.5 | ||
| Siemens | N/A | SICAM PAS/PQS versions 8.x antérieures à 8.06 | ||
| Siemens | N/A | Parasolid versions V35.0.x antérieures à V35.0.170 | ||
| Siemens | N/A | SIMATIC WinCC Runtime Professional V15 versions antérieures à V15.1 Update 5 | ||
| Siemens | N/A | PLM Help Server V4.2 toutes versions | ||
| Siemens | N/A | SICAM PAS/PQS versions antérieures à 7.0 | ||
| Siemens | N/A | SIMATIC NET PC Software V15 toutes versions | ||
| Siemens | N/A | SINUMERIK Operate versions antérieures à V6.14 | ||
| Siemens | N/A | SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) toutes versions | ||
| Siemens | N/A | Polarion ALM toutes versions | ||
| Siemens | N/A | APOGEE PXC Series (P2 Ethernet) versions antérieures à V2.8.20 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) V13 versions antérieures à V13 SP2 Update 4 | ||
| Siemens | N/A | Mendix Email Connector versions antérieures à 2.0.0 | ||
| Siemens | N/A | SIMATIC WinCC Runtime Professional V16 versions antérieures à V16 Update 2 | ||
| Siemens | N/A | JT2Go toutes versions | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) toutes versions | ||
| Siemens | N/A | SIMATIC NET PC Software V14 versions antérieures à V14 SP1 Update 14 | ||
| Siemens | N/A | APOGEE PXC Series (BACnet) versions antérieures à V3.5.5 | ||
| Siemens | N/A | SCALANCE X-200RNA toutes versions | ||
| Siemens | N/A | SINAMICS STARTER versions antérieures à V5.4 HF2 | ||
| Siemens | N/A | Simcenter STAR-CCM+ toutes versions | ||
| Siemens | N/A | SIMATIC Automation Tool versions antérieures à V4 SP2 | ||
| Siemens | N/A | SIMATIC PCS neo versions antérieures à V3.0 SP1 | ||
| Siemens | N/A | Parasolid versions V33.1.x antérieures à V33.1.264 | ||
| Siemens | N/A | SIMATIC STEP 7 V5 versions antérieures à V5.6 SP2 HF3 | ||
| Siemens | N/A | SIMATIC WinCC OA versions V3.18.x antérieures à V3.18 P014 | ||
| Siemens | N/A | SIMATIC WinCC OA V3.17 versions antérieures à V3.17 P003 | ||
| Siemens | N/A | SIMATIC WinCC V7.5 versions antérieures à V7.5 SP1 Update 3 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) V14 versions antérieures à V14 SP1 Update 10 | ||
| Siemens | N/A | SIMATIC WinCC Runtime Professional V14 versions antérieures à V14 SP1 Update 10 | ||
| Siemens | N/A | SINEC NMS versions antérieures à V1.0 SP2 | ||
| Siemens | N/A | Parasolid versions V34.1.x antérieures à V34.1.242 | ||
| Siemens | N/A | SIMATIC Drive Controller family versions antérieures à V3.0.1 | ||
| Siemens | N/A | Teamcenter Visualization V13.3.x | ||
| Siemens | N/A | Parasolid versions V34.0.x antérieures à V34.0.252 | ||
| Siemens | N/A | SCALANCE, pour plus d'informations, veuillez-vous référer aux avis éditeur : https://cert-portal.siemens.com/productcert/html/ssa-413565.html, https://cert-portal.siemens.com/productcert/html/ssa-333517.html, https://cert-portal.siemens.com/productcert/html/ssa-363821.html et https://cert-portal.siemens.com/productcert/html/ssa-412672.html | ||
| Siemens | N/A | Teamcenter Visualization V14.1.x antérieures à V14.1.0.6 | ||
| Siemens | N/A | Mcenter versions supérieures ou égales à V5.2.1.0 | ||
| Siemens | N/A | SINEMA Server versions antérieures à V14 SP3 | ||
| Siemens | N/A | SIMATIC WinCC OA versions V3.17.x antérieures à V3.17 P024 | ||
| Siemens | N/A | SIMATIC WinCC OA versions V3.15.x | ||
| Siemens | N/A | TIM 1531 IRC (6GK7543-1MX00-0XE0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced versions antérieures à V5.0 | ||
| Siemens | N/A | SIMATIC RTLS Locating Manager (6GT2780-0DA00) versions supérieures ou égales à V2.13 | ||
| Siemens | N/A | RUGGEDCOM, pour plus d'informations, veuillez-vous référer à l'avis éditeur : https://cert-portal.siemens.com/productcert/html/ssa-413565.html | ||
| Siemens | N/A | SICAM GridPass (6MD7711-2AA00-1EA0) versions supérieures ou égales à V1.80 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) V15 versions antérieures à V15.1 Update 5 | ||
| Siemens | N/A | Teamcenter Visualization V14.0.x | ||
| Siemens | N/A | SIMATIC WinCC OA versions V3.16.x antérieures à V3.16 P035 | ||
| Siemens | N/A | SIMATIC WinCC Runtime Advanced versions antérieures à V16 Update 2 | ||
| Siemens | N/A | SIMATIC WinCC V7.4 versions antérieures à V7.4 SP1 Update 14 | ||
| Siemens | N/A | SIMATIC WinCC Runtime Professional V13 versions antérieures à V13 SP2 Update 4 | ||
| Siemens | N/A | SIMATIC NET PC Software V16 versions antérieures à V16 Upd3 | ||
| Siemens | N/A | SIMATIC ProSave versions antérieures à V17 | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller versions antérieures à V21.8 | ||
| Siemens | N/A | Mendix Workflow Commons versions antérieures à 2.4.0 | ||
| Siemens | N/A | SINAMICS Startdrive versions antérieures à V16 Update 3 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) V16 versions antérieures à V16 Update 2 | ||
| Siemens | N/A | SIMATIC S7-1200 CPU family (incl. SIPLUS variants) versions antérieures à V4.6.0 | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller toutes versions | ||
| Siemens | N/A | SIMATIC WinCC OA V3.16 versions antérieures à V3.16 P018 | ||
| Siemens | N/A | Calibre ICE versions supérieures ou égales à V2022.4 | ||
| Siemens | N/A | SINUMERIK ONE virtual versions antérieures à V6.14 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) versions ant\u00e9rieures \u00e0 V3.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPROTEC 5, pour plus d\u0027informations, veuillez-vous r\u00e9f\u00e9rer aux avis \u00e9diteur : https://cert-portal.siemens.com/productcert/html/ssa-552874.html et https://cert-portal.siemens.com/productcert/html/ssa-223771.html",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V13.2.x ant\u00e9rieures \u00e0 V13.2.0.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TALON TC Series (BACnet) versions ant\u00e9rieures \u00e0 V3.5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM PAS/PQS versions 8.x ant\u00e9rieures \u00e0 8.06",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid versions V35.0.x ant\u00e9rieures \u00e0 V35.0.170",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Professional V15 versions ant\u00e9rieures \u00e0 V15.1 Update 5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "PLM Help Server V4.2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM PAS/PQS versions ant\u00e9rieures \u00e0 7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V15 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Operate versions ant\u00e9rieures \u00e0 V6.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Polarion ALM toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Series (P2 Ethernet) versions ant\u00e9rieures \u00e0 V2.8.20",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) V13 versions ant\u00e9rieures \u00e0 V13 SP2 Update 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Email Connector versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Professional V16 versions ant\u00e9rieures \u00e0 V16 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT2Go toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V14 versions ant\u00e9rieures \u00e0 V14 SP1 Update 14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "APOGEE PXC Series (BACnet) versions ant\u00e9rieures \u00e0 V3.5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X-200RNA toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS STARTER versions ant\u00e9rieures \u00e0 V5.4 HF2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter STAR-CCM+ toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Automation Tool versions ant\u00e9rieures \u00e0 V4 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo versions ant\u00e9rieures \u00e0 V3.0 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid versions V33.1.x ant\u00e9rieures \u00e0 V33.1.264",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 V5 versions ant\u00e9rieures \u00e0 V5.6 SP2 HF3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA versions V3.18.x ant\u00e9rieures \u00e0 V3.18 P014",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA V3.17 versions ant\u00e9rieures \u00e0 V3.17 P003",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 SP1 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) V14 versions ant\u00e9rieures \u00e0 V14 SP1 Update 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Professional V14 versions ant\u00e9rieures \u00e0 V14 SP1 Update 10",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC NMS versions ant\u00e9rieures \u00e0 V1.0 SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid versions V34.1.x ant\u00e9rieures \u00e0 V34.1.242",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Drive Controller family versions ant\u00e9rieures \u00e0 V3.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V13.3.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Parasolid versions V34.0.x ant\u00e9rieures \u00e0 V34.0.252",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE, pour plus d\u0027informations, veuillez-vous r\u00e9f\u00e9rer aux avis \u00e9diteur : https://cert-portal.siemens.com/productcert/html/ssa-413565.html, https://cert-portal.siemens.com/productcert/html/ssa-333517.html, https://cert-portal.siemens.com/productcert/html/ssa-363821.html et https://cert-portal.siemens.com/productcert/html/ssa-412672.html",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V14.1.x ant\u00e9rieures \u00e0 V14.1.0.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mcenter versions sup\u00e9rieures ou \u00e9gales \u00e0 V5.2.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Server versions ant\u00e9rieures \u00e0 V14 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA versions V3.17.x ant\u00e9rieures \u00e0 V3.17 P024",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA versions V3.15.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 IRC (6GK7543-1MX00-0XE0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced versions ant\u00e9rieures \u00e0 V5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RTLS Locating Manager (6GT2780-0DA00) versions sup\u00e9rieures ou \u00e9gales \u00e0 V2.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM, pour plus d\u0027informations, veuillez-vous r\u00e9f\u00e9rer \u00e0 l\u0027avis \u00e9diteur : https://cert-portal.siemens.com/productcert/html/ssa-413565.html",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SICAM GridPass (6MD7711-2AA00-1EA0) versions sup\u00e9rieures ou \u00e9gales \u00e0 V1.80",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) V15 versions ant\u00e9rieures \u00e0 V15.1 Update 5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V14.0.x",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA versions V3.16.x ant\u00e9rieures \u00e0 V3.16 P035",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V16 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.4 versions ant\u00e9rieures \u00e0 V7.4 SP1 Update 14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Professional V13 versions ant\u00e9rieures \u00e0 V13 SP2 Update 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software V16 versions ant\u00e9rieures \u00e0 V16 Upd3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ProSave versions ant\u00e9rieures \u00e0 V17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller versions ant\u00e9rieures \u00e0 V21.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Workflow Commons versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS Startdrive versions ant\u00e9rieures \u00e0 V16 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) V16 versions ant\u00e9rieures \u00e0 V16 Update 2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants) versions ant\u00e9rieures \u00e0 V4.6.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA V3.16 versions ant\u00e9rieures \u00e0 V3.16 P018",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Calibre ICE versions sup\u00e9rieures ou \u00e9gales \u00e0 V2022.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE virtual versions ant\u00e9rieures \u00e0 V6.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-46345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46345"
},
{
"name": "CVE-2020-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
},
{
"name": "CVE-2015-0208",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0208"
},
{
"name": "CVE-2016-0703",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0703"
},
{
"name": "CVE-2021-40365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40365"
},
{
"name": "CVE-2022-41279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41279"
},
{
"name": "CVE-2022-46353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46353"
},
{
"name": "CVE-2016-0701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0701"
},
{
"name": "CVE-2019-6110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6110"
},
{
"name": "CVE-2022-46352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46352"
},
{
"name": "CVE-2015-5600",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
},
{
"name": "CVE-2022-46347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46347"
},
{
"name": "CVE-2022-46349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46349"
},
{
"name": "CVE-2015-0292",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
},
{
"name": "CVE-2015-6563",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6563"
},
{
"name": "CVE-2015-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0286"
},
{
"name": "CVE-2015-1791",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
},
{
"name": "CVE-2022-46351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46351"
},
{
"name": "CVE-2015-6564",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6564"
},
{
"name": "CVE-2015-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
},
{
"name": "CVE-2016-0777",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0777"
},
{
"name": "CVE-2003-1562",
"url": "https://www.cve.org/CVERecord?id=CVE-2003-1562"
},
{
"name": "CVE-2016-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0800"
},
{
"name": "CVE-2016-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2105"
},
{
"name": "CVE-2016-2177",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2177"
},
{
"name": "CVE-2022-41280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41280"
},
{
"name": "CVE-2016-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2176"
},
{
"name": "CVE-2019-6109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6109"
},
{
"name": "CVE-2022-46346",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46346"
},
{
"name": "CVE-2022-41283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41283"
},
{
"name": "CVE-2022-46144",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46144"
},
{
"name": "CVE-2016-6302",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6302"
},
{
"name": "CVE-2022-45044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45044"
},
{
"name": "CVE-2018-4842",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4842"
},
{
"name": "CVE-2022-44731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44731"
},
{
"name": "CVE-2022-46355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46355"
},
{
"name": "CVE-2016-6303",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6303"
},
{
"name": "CVE-2015-0288",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0288"
},
{
"name": "CVE-2022-41288",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41288"
},
{
"name": "CVE-2019-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1552"
},
{
"name": "CVE-2016-1907",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1907"
},
{
"name": "CVE-2016-2178",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2178"
},
{
"name": "CVE-2022-43517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43517"
},
{
"name": "CVE-2016-10011",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10011"
},
{
"name": "CVE-2015-6565",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6565"
},
{
"name": "CVE-2022-3160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3160"
},
{
"name": "CVE-2016-6307",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6307"
},
{
"name": "CVE-2016-2179",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2179"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2015-4000",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4000"
},
{
"name": "CVE-2022-41282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41282"
},
{
"name": "CVE-2015-3194",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3194"
},
{
"name": "CVE-2015-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
},
{
"name": "CVE-2022-46350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46350"
},
{
"name": "CVE-2022-46142",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46142"
},
{
"name": "CVE-2015-0290",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0290"
},
{
"name": "CVE-2016-6304",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
},
{
"name": "CVE-2022-46348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46348"
},
{
"name": "CVE-2022-46140",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46140"
},
{
"name": "CVE-2016-1908",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1908"
},
{
"name": "CVE-2016-2107",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2107"
},
{
"name": "CVE-2019-16905",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16905"
},
{
"name": "CVE-2016-10009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10009"
},
{
"name": "CVE-2016-2181",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2181"
},
{
"name": "CVE-2019-6111",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6111"
},
{
"name": "CVE-2016-8858",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8858"
},
{
"name": "CVE-2016-6515",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6515"
},
{
"name": "CVE-2015-3197",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3197"
},
{
"name": "CVE-2022-41281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41281"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2015-1788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
},
{
"name": "CVE-2016-2106",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2106"
},
{
"name": "CVE-2015-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0207"
},
{
"name": "CVE-2015-1792",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
},
{
"name": "CVE-2020-7580",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7580"
},
{
"name": "CVE-2015-0285",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0285"
},
{
"name": "CVE-2016-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0799"
},
{
"name": "CVE-2015-1794",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1794"
},
{
"name": "CVE-2022-34821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34821"
},
{
"name": "CVE-2016-6308",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6308"
},
{
"name": "CVE-2021-44694",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44694"
},
{
"name": "CVE-2016-6306",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6306"
},
{
"name": "CVE-2017-15906",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15906"
},
{
"name": "CVE-2021-44695",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44695"
},
{
"name": "CVE-2022-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3161"
},
{
"name": "CVE-2016-10010",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10010"
},
{
"name": "CVE-2022-45936",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45936"
},
{
"name": "CVE-2022-46265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46265"
},
{
"name": "CVE-2016-0704",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0704"
},
{
"name": "CVE-2016-0702",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0702"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2014-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8176"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2015-3193",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
},
{
"name": "CVE-2022-43723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43723"
},
{
"name": "CVE-2018-15473",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15473"
},
{
"name": "CVE-2015-0293",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0293"
},
{
"name": "CVE-2022-45484",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45484"
},
{
"name": "CVE-2015-5352",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5352"
},
{
"name": "CVE-2015-0287",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0287"
},
{
"name": "CVE-2003-0190",
"url": "https://www.cve.org/CVERecord?id=CVE-2003-0190"
},
{
"name": "CVE-2018-20685",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20685"
},
{
"name": "CVE-2016-6305",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6305"
},
{
"name": "CVE-2015-1787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1787"
},
{
"name": "CVE-2016-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0798"
},
{
"name": "CVE-2022-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46143"
},
{
"name": "CVE-2022-41286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41286"
},
{
"name": "CVE-2016-10012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10012"
},
{
"name": "CVE-2022-41278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41278"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2015-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8325"
},
{
"name": "CVE-2022-41287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41287"
},
{
"name": "CVE-2022-45937",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45937"
},
{
"name": "CVE-2022-46354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46354"
},
{
"name": "CVE-2022-43724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43724"
},
{
"name": "CVE-2022-43722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43722"
},
{
"name": "CVE-2016-6210",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6210"
},
{
"name": "CVE-2015-3196",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3196"
},
{
"name": "CVE-2015-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0209"
},
{
"name": "CVE-2022-41284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41284"
},
{
"name": "CVE-2016-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2842"
},
{
"name": "CVE-2015-0291",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0291"
},
{
"name": "CVE-2016-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2180"
},
{
"name": "CVE-2021-44693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44693"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2016-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2182"
},
{
"name": "CVE-2016-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0797"
},
{
"name": "CVE-2015-6574",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6574"
},
{
"name": "CVE-2015-0289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0289"
},
{
"name": "CVE-2016-0705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0705"
},
{
"name": "CVE-2019-13924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13924"
},
{
"name": "CVE-2016-2109",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2109"
},
{
"name": "CVE-2016-2108",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2108"
},
{
"name": "CVE-2022-44575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44575"
},
{
"name": "CVE-2022-41285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41285"
},
{
"name": "CVE-2022-46664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46664"
},
{
"name": "CVE-2022-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30065"
},
{
"name": "CVE-2022-3159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3159"
},
{
"name": "CVE-2015-1790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
},
{
"name": "CVE-2016-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0778"
},
{
"name": "CVE-2018-4848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4848"
}
],
"initial_release_date": "2022-12-13T00:00:00",
"last_revision_date": "2022-12-13T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-1094",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-12-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": "2022-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 Siemens",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180579.html"
}
]
}
ghsa-89f2-v4jr-22cm
Vulnerability from github
Published
2022-05-13 01:28
Modified
2022-05-13 01:28
Severity ?
VLAI Severity ?
Details
A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.4.1), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.
{
"affected": [],
"aliases": [
"CVE-2018-4842"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-14T16:29:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions \u003c V5.4.1), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions \u003c V4.1.3). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it.",
"id": "GHSA-89f2-v4jr-22cm",
"modified": "2022-05-13T01:28:55Z",
"published": "2022-05-13T01:28:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4842"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480829.pdf"
},
{
"type": "WEB",
"url": "https://www.securityfocus.com/bid/104494"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…