cvelistv5 - cve-2020-7569

CVE-2020-7569 (GCVE-0-2020-7569)

Vulnerability from cvelistv5

Published

2020-11-19 21:02

Modified

2024-08-04 09:33

Severity ?

CWE

CWE-434 - Unrestricted Upload of File with Dangerous Type

Summary

A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.

References

URL

	Vendor	Product	Version
	n/a	EcoStruxure Building Operation WebReports V1.9 - V3.1	Version: EcoStruxure Building Operation WebReports V1.9 - V3.1

ICSA-21-063-02

Vulnerability from csaf_cisa

Published

2021-03-04 00:00

Modified

2021-03-04 00:00

Summary

ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Summary

Luis Vázquez, Francisco Palma, and Diego León of Zerolynx in coordination with INCIBE and Alessandro Bosco, Luca Di Giuseppe, Alessandro Sabetta, and Massimiliano Brolli of TIM Security Red Team Research reported these vulnerabilities to Schneider Electric.

Details

Note: Please see SEVD-2020-315-04 to see which vulnerabilities affect each specific product.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Luis V\u00e1zquez",
          "Francisco Palma",
          "Diego Le\u00f3n"
        ],
        "organization": "Zerolynx",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      },
      {
        "organization": "INCIBE",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      },
      {
        "names": [
          "Alessandro Bosco",
          "Luca Di Giuseppe",
          "Alessandro Sabetta",
          "Massimiliano Brolli"
        ],
        "organization": "TIM Security Red Team Research",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Luis V\u00e1zquez, Francisco Palma, and Diego Le\u00f3n of Zerolynx in coordination with INCIBE and Alessandro Bosco, Luca Di Giuseppe, Alessandro Sabetta, and Massimiliano Brolli of TIM Security Red Team Research reported these vulnerabilities to Schneider Electric.",
        "title": "Summary"
      },
      {
        "category": "details",
        "text": "Note: Please see SEVD-2020-315-04 to see which vulnerabilities affect each specific product.",
        "title": "Details"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-063-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-063-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-063-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-063-02"
      }
    ],
    "title": "ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)",
    "tracking": {
      "current_release_date": "2021-03-04T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA USCert CSAF Generator",
          "version": "1"
        }
      },
      "id": "ICSA-21-063-02",
      "initial_release_date": "2021-03-04T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2021-03-04T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-21-063-02 Schneider Electric EcoStruxure Building Operation (EBO)"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 2.0 | \u003c= 3.1",
                "product": {
                  "name": "WebStation: v2.0 - v3.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "WebStation"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 1.9 | \u003c= 3.1",
                "product": {
                  "name": "Enterprise Server installer: v1.9 - v3.1",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Server installer"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 1.9 | \u003c= 3.1",
                "product": {
                  "name": "WebReports: v1.9 - v3.1",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "WebReports"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 2.0 | \u003c= 3.1",
                "product": {
                  "name": "Enterprise Central installer: v2.0 - v3.1",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Central installer"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7569",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unrestricted upload of a file with dangerous type vulnerability could allow an authenticated remote user to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.CVE-2020-7569 has been assigned to this vulnerability. A CVSS v3 base score of 4.6 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7569"
    },
    {
      "cve": "CVE-2020-7570",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of an input during webpage generation vulnerability could allow an authenticated remote user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a stored cross-site scripting attack against other WebReport users.CVE-2020-7570 has been assigned to this vulnerability. A CVSS v3 base score of 6.4 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7570"
    },
    {
      "cve": "CVE-2020-7571",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple improper neutralizations of an input during webpage generation vulnerabilities could allow a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a reflected cross-site scripting attack against other WebReport users.CVE-2020-7571 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7571"
    },
    {
      "cve": "CVE-2020-7572",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper restriction of XML external entity reference vulnerability could allow an authenticated remote user to inject arbitrary XML code and obtain disclosure of confidential data, cause a denial-of-service condition, or execute server-side request forgery due to improper configuration of the XML parser.CVE-2020-7572 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7572"
    },
    {
      "cve": "CVE-2020-7573",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper access control vulnerability could allow a remote attacker access to restricted web resources due to improper access control.CVE-2020-7573 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7573"
    },
    {
      "cve": "CVE-2020-28209",
      "cwe": {
        "id": "CWE-428",
        "name": "Unquoted Search Path or Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unquoted search path vulnerability could allow any local Windows user with write permissions on at least one of the subfolders of the connect agent service binary path to gain the privilege of the user who started the service. By default, the Enterprise Server and Enterprise Central is always installed at a location requiring Administrator privileges, so this vulnerability is only valid if the application has been installed on a non-secure location. CVE-2020-28209 has been assigned to this vulnerability. A CVSS v3 base score of 2.0 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.0,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-28209"
    },
    {
      "cve": "CVE-2020-28210",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of an input during webpage generation vulnerability could allow an attacker to inject HTML and JavaScript code into the user\u0027s browser. CVE-2020-28210 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-28210"
    }
  ]
}

icsa-21-063-02

Vulnerability from csaf_cisa

Published

2021-03-04 00:00

Modified

2021-03-04 00:00

Summary

ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Summary

Details

Note: Please see SEVD-2020-315-04 to see which vulnerabilities affect each specific product.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Luis V\u00e1zquez",
          "Francisco Palma",
          "Diego Le\u00f3n"
        ],
        "organization": "Zerolynx",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      },
      {
        "organization": "INCIBE",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      },
      {
        "names": [
          "Alessandro Bosco",
          "Luca Di Giuseppe",
          "Alessandro Sabetta",
          "Massimiliano Brolli"
        ],
        "organization": "TIM Security Red Team Research",
        "summary": "reporting these vulnerabilities to Schneider Electric"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Luis V\u00e1zquez, Francisco Palma, and Diego Le\u00f3n of Zerolynx in coordination with INCIBE and Alessandro Bosco, Luca Di Giuseppe, Alessandro Sabetta, and Massimiliano Brolli of TIM Security Red Team Research reported these vulnerabilities to Schneider Electric.",
        "title": "Summary"
      },
      {
        "category": "details",
        "text": "Note: Please see SEVD-2020-315-04 to see which vulnerabilities affect each specific product.",
        "title": "Details"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-063-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-063-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-21-063-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-063-02"
      }
    ],
    "title": "ICSA-21-063-02_Schneider Electric EcoStruxure Building Operation (EBO)",
    "tracking": {
      "current_release_date": "2021-03-04T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA USCert CSAF Generator",
          "version": "1"
        }
      },
      "id": "ICSA-21-063-02",
      "initial_release_date": "2021-03-04T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2021-03-04T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-21-063-02 Schneider Electric EcoStruxure Building Operation (EBO)"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 2.0 | \u003c= 3.1",
                "product": {
                  "name": "WebStation: v2.0 - v3.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "WebStation"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 1.9 | \u003c= 3.1",
                "product": {
                  "name": "Enterprise Server installer: v1.9 - v3.1",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Server installer"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 1.9 | \u003c= 3.1",
                "product": {
                  "name": "WebReports: v1.9 - v3.1",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "WebReports"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 2.0 | \u003c= 3.1",
                "product": {
                  "name": "Enterprise Central installer: v2.0 - v3.1",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Central installer"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7569",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unrestricted upload of a file with dangerous type vulnerability could allow an authenticated remote user to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.CVE-2020-7569 has been assigned to this vulnerability. A CVSS v3 base score of 4.6 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7569"
    },
    {
      "cve": "CVE-2020-7570",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of an input during webpage generation vulnerability could allow an authenticated remote user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a stored cross-site scripting attack against other WebReport users.CVE-2020-7570 has been assigned to this vulnerability. A CVSS v3 base score of 6.4 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7570"
    },
    {
      "cve": "CVE-2020-7571",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple improper neutralizations of an input during webpage generation vulnerabilities could allow a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a reflected cross-site scripting attack against other WebReport users.CVE-2020-7571 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7571"
    },
    {
      "cve": "CVE-2020-7572",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper restriction of XML external entity reference vulnerability could allow an authenticated remote user to inject arbitrary XML code and obtain disclosure of confidential data, cause a denial-of-service condition, or execute server-side request forgery due to improper configuration of the XML parser.CVE-2020-7572 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7572"
    },
    {
      "cve": "CVE-2020-7573",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper access control vulnerability could allow a remote attacker access to restricted web resources due to improper access control.CVE-2020-7573 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-7573"
    },
    {
      "cve": "CVE-2020-28209",
      "cwe": {
        "id": "CWE-428",
        "name": "Unquoted Search Path or Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unquoted search path vulnerability could allow any local Windows user with write permissions on at least one of the subfolders of the connect agent service binary path to gain the privilege of the user who started the service. By default, the Enterprise Server and Enterprise Central is always installed at a location requiring Administrator privileges, so this vulnerability is only valid if the application has been installed on a non-secure location. CVE-2020-28209 has been assigned to this vulnerability. A CVSS v3 base score of 2.0 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.0,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-28209"
    },
    {
      "cve": "CVE-2020-28210",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of an input during webpage generation vulnerability could allow an attacker to inject HTML and JavaScript code into the user\u0027s browser. CVE-2020-28210 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users upgrade to Version 3.2 of EBO as it is not impacted by any of these vulnerabilities. For assistance in upgrading, contact Schneider Electric Customer Care Center or your Schneider Electric representative.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "mitigation",
          "details": "For versions prior to 3.2, fixes are now available in the form of a hotfix patch. Please refer to SEVD-2020-315-04 for specific information about how to apply the patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "CVE-2020-28210"
    }
  ]
}

gsd-2020-7569

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2020-7569

Aliases

CVE-2020-7569

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-7569",
    "description": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.",
    "id": "GSD-2020-7569"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-7569"
      ],
      "details": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.",
      "id": "GSD-2020-7569",
      "modified": "2023-12-13T01:21:51.637792Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "ID": "CVE-2020-7569",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "EcoStruxure Building Operation WebReports V1.9 - V3.1",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "EcoStruxure Building Operation WebReports V1.9 - V3.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-434: Unrestricted Upload of File with Dangerous Type "
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/",
            "refsource": "MISC",
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:webreports:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.1",
                "versionStartIncluding": "1.9",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7569"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-434"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Product",
                "Vendor Advisory"
              ],
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-01-31T19:45Z",
      "publishedDate": "2020-11-19T22:15Z"
    }
  }
}

fkie_cve-2020-7569

Vulnerability from fkie_nvd

Published

2020-11-19 22:15

Modified

2024-11-21 05:37

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2020-315-04/	Patch, Product, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2020-315-04/	Patch, Product, Vendor Advisory

Impacted products

	Vendor	Product	Version
	schneider-electric	webreports	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:webreports:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFEA3AED-DBEB-4B15-AD56-CEE221637C39",
              "versionEndIncluding": "3.1",
              "versionStartIncluding": "1.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de Carga Sin Restricciones de Archivos con tipo Peligroso CWE-434 en EcoStruxure Building Operation WebReports versiones V1.9 - V3.1, que podr\u00eda causar que un usuario remoto autenticado pueda cargar archivos arbitrarios debido a una verificaci\u00f3n incorrecta de los archivos suministrados por el usuario y lograr una ejecuci\u00f3n de c\u00f3digo remoto"
    }
  ],
  "id": "CVE-2020-7569",
  "lastModified": "2024-11-21T05:37:23.730",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-19T22:15:15.240",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Product",
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

ghsa-4h8j-fjxw-9pcc

Vulnerability from github

Published

2022-05-24 17:34

Modified

2022-05-24 17:34

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-7569"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-434"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-19T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution.",
  "id": "GHSA-4h8j-fjxw-9pcc",
  "modified": "2022-05-24T17:34:45Z",
  "published": "2022-05-24T17:34:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7569"
    },
    {
      "type": "WEB",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cnvd-2021-29454

Vulnerability from cnvd

Title

Schneider Electric EcoStruxure Building Operation WebReports任意文件上传漏洞

Description

Schneider Electric EcoStruxure Building Operation WebReports是一款用于创建、查看和管理报告的Web应用程序。 Schneider Electric EcoStruxure Building Operation WebReports 1.9-3.1存在任意文件上传漏洞。该漏洞源于对用户提供的文件验证不当。攻击者可利用该漏洞上传任意文件，从而可实现远程代码执行。

Severity

中

Patch Name

Schneider Electric EcoStruxure Building Operation WebReports任意文件上传漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2020-315-04_EcoStruxure%E2%84%A2_Building_Operation_Security_Notification.pdf&p_Doc_Ref=SEVD-2020-315-04

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-7569

Impacted products

Name
Schneider Electric EcoStruxure Building Operation WebReports >=1.9，<=3.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-7569",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-7569"
    }
  },
  "description": "Schneider Electric EcoStruxure Building Operation WebReports\u662f\u4e00\u6b3e\u7528\u4e8e\u521b\u5efa\u3001\u67e5\u770b\u548c\u7ba1\u7406\u62a5\u544a\u7684Web\u5e94\u7528\u7a0b\u5e8f\u3002\n\nSchneider Electric EcoStruxure Building Operation WebReports 1.9-3.1\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u6587\u4ef6\u9a8c\u8bc1\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u4efb\u610f\u6587\u4ef6\uff0c\u4ece\u800c\u53ef\u5b9e\u73b0\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2020-315-04_EcoStruxure%E2%84%A2_Building_Operation_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2020-315-04",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-29454",
  "openTime": "2021-04-19",
  "patchDescription": "Schneider Electric EcoStruxure Building Operation WebReports\u662f\u4e00\u6b3e\u7528\u4e8e\u521b\u5efa\u3001\u67e5\u770b\u548c\u7ba1\u7406\u62a5\u544a\u7684Web\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nSchneider Electric EcoStruxure Building Operation WebReports 1.9-3.1\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u6587\u4ef6\u9a8c\u8bc1\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4e0a\u4f20\u4efb\u610f\u6587\u4ef6\uff0c\u4ece\u800c\u53ef\u5b9e\u73b0\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric EcoStruxure Building Operation WebReports\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric EcoStruxure Building Operation WebReports \u003e=1.9\uff0c\u003c=3.1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-7569",
  "serverity": "\u4e2d",
  "submitTime": "2020-11-20",
  "title": "Schneider Electric EcoStruxure Building Operation WebReports\u4efb\u610f\u6587\u4ef6\u4e0a\u4f20\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2020-7569 (GCVE-0-2020-7569)

Vulnerability from cvelistv5

ICSA-21-063-02

Vulnerability from csaf_cisa

icsa-21-063-02

Vulnerability from csaf_cisa

gsd-2020-7569

Vulnerability from gsd

fkie_cve-2020-7569

Vulnerability from fkie_nvd

ghsa-4h8j-fjxw-9pcc

Vulnerability from github

cnvd-2021-29454

Vulnerability from cnvd

Tags

Sightings

Nomenclature