cnvd - cnvd-2021-11835

cnvd-2021-11835

Vulnerability from cnvd

Title: Siemens SINEMA Server和SINE CNMS目录遍历漏洞

Description:

Siemens SINE CNMS是新一代面向数字图书馆的网络管理系统企业号。这个系统可用于集中监控、管理和配置网络。Siemens SINEMA Server是西门子为工业以太网设计的网络监控和管理软件。

Siemens SINEMA Server和SINE CNMS存在目录遍历漏洞。攻击者可利用漏洞在受影响的系统上创建或覆盖任意文件。

Severity: 中

Patch Name: Siemens SINEMA Server和SINE CNMS目录遍历漏洞的补丁

Patch Description:

Siemens SINEMA Server和SINE CNMS存在目录遍历漏洞。攻击者可利用漏洞在受影响的系统上创建或覆盖任意文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf

Reference: https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf

Impacted products

Name
['Siemens SINEC NMS < V1.0 SP1 Update 1', 'Siemens SINEMA Server < V14.0 SP2 Update 2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-25237"
    }
  },
  "description": "Siemens SINE CNMS\u662f\u65b0\u4e00\u4ee3\u9762\u5411\u6570\u5b57\u56fe\u4e66\u9986\u7684\u7f51\u7edc\u7ba1\u7406\u7cfb\u7edf\u4f01\u4e1a\u53f7\u3002\u8fd9\u4e2a\u7cfb\u7edf\u53ef\u7528\u4e8e\u96c6\u4e2d\u76d1\u63a7\u3001\u7ba1\u7406\u548c\u914d\u7f6e\u7f51\u7edc\u3002Siemens SINEMA Server\u662f\u897f\u95e8\u5b50\u4e3a\u5de5\u4e1a\u4ee5\u592a\u7f51\u8bbe\u8ba1\u7684\u7f51\u7edc\u76d1\u63a7\u548c\u7ba1\u7406\u8f6f\u4ef6\u3002\n\nSiemens SINEMA Server\u548cSINE CNMS\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u521b\u5efa\u6216\u8986\u76d6\u4efb\u610f\u6587\u4ef6\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-11835",
  "openTime": "2021-02-22",
  "patchDescription": "Siemens SINE CNMS\u662f\u65b0\u4e00\u4ee3\u9762\u5411\u6570\u5b57\u56fe\u4e66\u9986\u7684\u7f51\u7edc\u7ba1\u7406\u7cfb\u7edf\u4f01\u4e1a\u53f7\u3002\u8fd9\u4e2a\u7cfb\u7edf\u53ef\u7528\u4e8e\u96c6\u4e2d\u76d1\u63a7\u3001\u7ba1\u7406\u548c\u914d\u7f6e\u7f51\u7edc\u3002Siemens SINEMA Server\u662f\u897f\u95e8\u5b50\u4e3a\u5de5\u4e1a\u4ee5\u592a\u7f51\u8bbe\u8ba1\u7684\u7f51\u7edc\u76d1\u63a7\u548c\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nSiemens SINEMA Server\u548cSINE CNMS\u5b58\u5728\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u7cfb\u7edf\u4e0a\u521b\u5efa\u6216\u8986\u76d6\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SINEMA Server\u548cSINE CNMS\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens SINEC NMS \u003c V1.0 SP1 Update 1",
      "Siemens SINEMA Server \u003c V14.0 SP2 Update 2"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf",
  "serverity": "\u4e2d",
  "submitTime": "2021-02-20",
  "title": "Siemens SINEMA Server\u548cSINE CNMS\u76ee\u5f55\u904d\u5386\u6f0f\u6d1e"
}

CVE-2020-25237 (GCVE-0-2020-25237)

Vulnerability from cvelistv5

Published

2021-02-09 15:38

Modified

2024-08-04 15:33

Severity ?

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Summary

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as 'Zip-Slip'. (ZDI-CAN-12054)

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-040-03	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-21-253/	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SINEC NMS

Version: All versions < V1.0 SP1 Update 1

Siemens

SINEMA Server

Version: All versions < V14.0 SP2 Update 2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:33:05.612Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-253/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0 SP1 Update 1"
            }
          ]
        },
        {
          "product": "SINEMA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14.0 SP2 Update 2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V1.0 SP1 Update 1), SINEMA Server (All versions \u003c V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as \u0027Zip-Slip\u0027. (ZDI-CAN-12054)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-25T18:06:20",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-253/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-25237",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SINEC NMS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.0 SP1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINEMA Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V14.0 SP2 Update 2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SINEC NMS (All versions \u003c V1.0 SP1 Update 1), SINEMA Server (All versions \u003c V14.0 SP2 Update 2). When uploading files to an affected system using a zip container, the system does not correctly check if the relative file path of the extracted files is still within the intended target directory. With this an attacker could create or overwrite arbitrary files on an affected system. This type of vulnerability is also known as \u0027Zip-Slip\u0027. (ZDI-CAN-12054)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-03",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-03"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-253/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-253/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-25237",
    "datePublished": "2021-02-09T15:38:17",
    "dateReserved": "2020-09-10T00:00:00",
    "dateUpdated": "2024-08-04T15:33:05.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted