Search criteria
19 vulnerabilities by Westermo
CVE-2025-54319 (GCVE-0-2025-54319)
Vulnerability from cvelistv5 – Published: 2025-07-20 00:00 – Updated: 2025-07-22 14:21
VLAI?
Summary
An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can gain unauthorized access to sensitive information via system logging information (syslog verbose logging that includes credentials).
Severity ?
6.3 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T14:20:58.255406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T14:21:05.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WeOS",
"vendor": "Westermo",
"versions": [
{
"lessThanOrEqual": "5.24.4",
"status": "affected",
"version": "5.24.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Westermo WeOS 5 (5.24 through 5.24.4). A threat actor potentially can gain unauthorized access to sensitive information via system logging information (syslog verbose logging that includes credentials)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-20T20:46:59.300Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.westermo.com/-/media/Files/Cyber-security/westermo_sa_25-08_sensitive_information_in_logging.pdf?rev=40c4e78bd1524f639a89cd1b005e0f23\u0026hash=64987A18FFECA633F23DB11FE5EAFA9A"
},
{
"url": "https://www.westermo.com/uk/support/security-advisories"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-54319",
"datePublished": "2025-07-20T00:00:00.000Z",
"dateReserved": "2025-07-20T00:00:00.000Z",
"dateUpdated": "2025-07-22T14:21:05.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46419 (GCVE-0-2025-46419)
Vulnerability from cvelistv5 – Published: 2025-04-24 00:00 – Updated: 2025-04-24 14:50
VLAI?
Summary
Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet.
Severity ?
5.9 (Medium)
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46419",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T14:50:24.557800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T14:50:34.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WeOS",
"vendor": "Westermo",
"versions": [
{
"lessThan": "5.24.0",
"status": "affected",
"version": "5",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T00:40:54.586Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.westermo.com/-/media/Files/Cyber-security/westermo_sa_25-02_malformed_esp_packet_could_cause_denial_vulnerability_in_weos.pdf?rev=9af5c93194f343a0b4fad2d24d032df2\u0026hash=87F4AD7F74C2BE69CA1B4C24F29B82EA"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-46419",
"datePublished": "2025-04-24T00:00:00.000Z",
"dateReserved": "2025-04-24T00:00:00.000Z",
"dateUpdated": "2025-04-24T14:50:34.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-32943 (GCVE-0-2024-32943)
Vulnerability from cvelistv5 – Published: 2024-06-20 22:12 – Updated: 2024-08-02 02:27
VLAI?
Summary
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Westermo | L210-F2G Lynx |
Affected:
4.21.0
|
Credits
Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-32943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T13:47:36.074775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T13:47:48.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:27:52.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "L210-F2G Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "4.21.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\nAn attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.\n\n"
}
],
"value": "An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T22:12:34.239Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"source": {
"advisory": "ICSA-24-172-03",
"discovery": "EXTERNAL"
},
"title": "Westermo L210-F2G Lynx Improper Control of Interaction Frequency",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eWestermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\u003c/p\u003e\n\u003cp\u003eTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\u003c/p\u003e\n\u003cp\u003eWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\u003c/p\u003e\n\u003cp\u003eWestermo will keep users updated on any further enhancements.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\n\n\nTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\n\n\nWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\n\n\nWestermo will keep users updated on any further enhancements."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-32943",
"datePublished": "2024-06-20T22:12:34.239Z",
"dateReserved": "2024-06-13T14:52:17.243Z",
"dateUpdated": "2024-08-02T02:27:52.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35246 (GCVE-0-2024-35246)
Vulnerability from cvelistv5 – Published: 2024-06-20 22:11 – Updated: 2024-08-02 03:07
VLAI?
Summary
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Westermo | L210-F2G Lynx |
Affected:
4.21.0
|
Credits
Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:westermo:l210-f2g_lynx_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l210-f2g_lynx_firmware",
"vendor": "westermo",
"versions": [
{
"status": "affected",
"version": "4.21.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T15:02:47.450661Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T15:03:48.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:07:46.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "L210-F2G Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "4.21.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nAn attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.\n\n"
}
],
"value": "An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "CWE-799",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T22:11:40.479Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"source": {
"advisory": "ICSA-24-172-03",
"discovery": "EXTERNAL"
},
"title": "Westermo L210-F2G Lynx Improper Control of Interaction Frequency",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eWestermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\u003c/p\u003e\n\u003cp\u003eTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\u003c/p\u003e\n\u003cp\u003eWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\u003c/p\u003e\n\u003cp\u003eWestermo will keep users updated on any further enhancements.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\n\n\nTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\n\n\nWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\n\n\nWestermo will keep users updated on any further enhancements."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-35246",
"datePublished": "2024-06-20T22:11:40.479Z",
"dateReserved": "2024-06-13T14:52:17.249Z",
"dateUpdated": "2024-08-02T03:07:46.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37183 (GCVE-0-2024-37183)
Vulnerability from cvelistv5 – Published: 2024-06-20 22:09 – Updated: 2024-08-02 03:50
VLAI?
Summary
Plain text credentials and session ID can be captured with a network sniffer.
Severity ?
5.7 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Westermo | L210-F2G Lynx |
Affected:
4.21.0
|
Credits
Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:westermo:l210-f2g_lynx_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l210-f2g_lynx_firmware",
"vendor": "westermo",
"versions": [
{
"status": "affected",
"version": "4.21.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-21T14:25:44.014433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T14:32:02.820Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:50:55.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "L210-F2G Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "4.21.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\nPlain text credentials and session ID can be captured with a network sniffer.\n\n"
}
],
"value": "Plain text credentials and session ID can be captured with a network sniffer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T22:09:21.235Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"
}
],
"source": {
"advisory": "ICSA-24-172-03",
"discovery": "EXTERNAL"
},
"title": "Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eWestermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\u003c/p\u003e\n\u003cp\u003eTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\u003c/p\u003e\n\u003cp\u003eWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\u003c/p\u003e\n\u003cp\u003eWestermo will keep users updated on any further enhancements.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\n\n\nTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device\u0027s \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\n\n\nWestermo suggests limiting access to the device\u0027s CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\n\n\nWestermo will keep users updated on any further enhancements."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-37183",
"datePublished": "2024-06-20T22:09:21.235Z",
"dateReserved": "2024-06-13T14:52:17.253Z",
"dateUpdated": "2024-08-02T03:50:55.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40143 (GCVE-0-2023-40143)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:51 – Updated: 2024-08-02 18:24
VLAI?
Summary
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-08T20:40:10.604186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:20:47.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:24:55.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"forward.0.domain\" parameter.\u003c/span\u003e\n\n"
}
],
"value": "\nAn attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"forward.0.domain\" parameter.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:51:51.093Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx ",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe reported cross-site scripting will be mitigated in a future report.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0\u00a0The reported cross-site scripting will be mitigated in a future report.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-40143",
"datePublished": "2024-02-06T21:51:51.093Z",
"dateReserved": "2023-10-12T20:21:27.711Z",
"dateUpdated": "2024-08-02T18:24:55.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45735 (GCVE-0-2023-45735)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:48 – Updated: 2024-08-19 20:23
VLAI?
Summary
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.
Severity ?
CWE
- CWE-94 - Code Injection
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:31.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:westermo:l206-f2g1_firmware:4.24:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "l206-f2g1_firmware",
"vendor": "westermo",
"versions": [
{
"status": "affected",
"version": "4.24"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T20:20:19.123202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T20:23:15.940Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\n\n\nA potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:48:14.731Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx Code Injection",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe reported code injection vulnerability will be mitigated in a future report.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0\u00a0The reported code injection vulnerability will be mitigated in a future report.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-45735",
"datePublished": "2024-02-06T21:48:14.731Z",
"dateReserved": "2023-10-12T20:21:27.722Z",
"dateUpdated": "2024-08-19T20:23:15.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45222 (GCVE-0-2023-45222)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:44 – Updated: 2024-08-02 20:14
VLAI?
Summary
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T19:23:55.215144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:40.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:19.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:42:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"autorefresh\" parameter.\u003c/span\u003e\n\n\u003c/span\u003e\n\n"
}
],
"value": "\n\n\nAn attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"autorefresh\" parameter.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:44:24.769Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe reported cross-site scripting will be mitigated in a future report.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0\u00a0The reported cross-site scripting will be mitigated in a future report.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-45222",
"datePublished": "2024-02-06T21:44:24.769Z",
"dateReserved": "2023-10-12T20:21:27.716Z",
"dateUpdated": "2024-08-02T20:14:19.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45213 (GCVE-0-2023-45213)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:39 – Updated: 2025-05-15 19:43
VLAI?
Summary
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.
Severity ?
6.6 (Medium)
CWE
- CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:20.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T19:08:08.241321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T19:43:25.845Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\nA potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:39:36.259Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": " Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-45213",
"datePublished": "2024-02-06T21:39:36.259Z",
"dateReserved": "2023-10-12T20:21:27.727Z",
"dateUpdated": "2025-05-15T19:43:25.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42765 (GCVE-0-2023-42765)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:34 – Updated: 2024-08-02 19:30
VLAI?
Summary
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-42765",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T20:21:37.178965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:25:19.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:30:24.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:32:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"username\" parameter in the SNMP configuration.\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\nAn attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"username\" parameter in the SNMP configuration.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:34:09.540Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe reported cross-site scripting will be mitigated in a future report.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0\u00a0The reported cross-site scripting will be mitigated in a future report.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-42765",
"datePublished": "2024-02-06T21:34:09.540Z",
"dateReserved": "2023-10-12T20:21:27.751Z",
"dateUpdated": "2024-08-02T19:30:24.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40544 (GCVE-0-2023-40544)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:27 – Updated: 2024-08-02 18:38
VLAI?
Summary
An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.
Severity ?
5.7 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T16:18:27.518957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:56.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:50.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\n\n\nAn attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications.\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:27:00.798Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx Cleartext Transmission of Sensitive Information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-40544",
"datePublished": "2024-02-06T21:27:00.798Z",
"dateReserved": "2023-10-12T20:21:27.757Z",
"dateUpdated": "2024-08-02T18:38:50.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-45227 (GCVE-0-2023-45227)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:22 – Updated: 2024-08-02 20:14
VLAI?
Summary
An attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "dns.0.server" parameter.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Cross-site Scripting
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T13:59:15.122501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:20:05.380Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:14:19.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"dns.0.server\" parameter.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nAn attacker with access to the web application with vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the \"dns.0.server\" parameter.\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:22:36.141Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp; T\u003cspan style=\"background-color: var(--wht);\"\u003ehe reported cross-site scripting will be mitigated in a future report.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0 The reported cross-site scripting will be mitigated in a future report.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-45227",
"datePublished": "2024-02-06T21:22:36.141Z",
"dateReserved": "2023-10-12T20:21:27.773Z",
"dateUpdated": "2024-08-02T20:14:19.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-38579 (GCVE-0-2023-38579)
Vulnerability from cvelistv5 – Published: 2024-02-06 21:16 – Updated: 2024-11-07 20:33
VLAI?
Summary
The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.
Severity ?
CWE
- CWE-352 - Cross-Site Request Forgery
Assigner
References
Credits
Aarón Flecha Menéndez, Iván Alonso Álvarez and Víctor Bello Cuevas reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:46:56.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-38579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T19:44:11.991190Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T20:33:42.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lynx",
"vendor": "Westermo",
"versions": [
{
"status": "affected",
"version": "L206-F2G1"
},
{
"status": "affected",
"version": "4.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez, Iv\u00e1n Alonso \u00c1lvarez and V\u00edctor Bello Cuevas reported these vulnerabilities to CISA."
}
],
"datePublic": "2024-01-23T21:16:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "\n\n\n\n\n\n\n\n\n\n\n\n\nThe cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T21:16:48.926Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Westermo Lynx 206-F2G Cross-Site Request Forgery",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u0026nbsp;\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe reported cross site request forgery vulnerability was patched in a later WeOS4 version.\u003c/span\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nWestermo recommends following best practices for hardening, such as restricting access, disable unused services (attack surface reduction), etc., to mitigate the reported vulnerabilities.\u00a0\u00a0The reported cross site request forgery vulnerability was patched in a later WeOS4 version.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-38579",
"datePublished": "2024-02-06T21:16:48.926Z",
"dateReserved": "2023-10-12T20:21:27.767Z",
"dateUpdated": "2024-11-07T20:33:42.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12504 (GCVE-0-2020-12504)
Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 17:09
VLAI?
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
Severity ?
9.8 (Critical)
CWE
- CWE-912 - Hidden Functionality
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Affected:
ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
Affected: ES7510-XT , < 2.1.1 (custom) Affected: ES8510 , < 3.1.1 (custom) |
|||||||||||||||||
|
|||||||||||||||||||
Credits
T. Weber (SEC Consult Vulnerability Lab)
Coordinated by CERT@VDE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912 Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:15",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12504",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-912 Hidden Functionality"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12504",
"datePublished": "2020-10-15T18:42:59.041481Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T17:09:09.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12503 (GCVE-0-2020-12503)
Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-17 04:24
VLAI?
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.
Severity ?
7.2 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Affected:
ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
Affected: ES7510-XT , < 2.1.1 (custom) Affected: ES8510 , < 3.1.1 (custom) |
|||||||||||||||||
|
|||||||||||||||||||
Credits
T. Weber (SEC Consult Vulnerability Lab)
Coordinated by CERT@VDE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:09",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12503",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12503",
"datePublished": "2020-10-15T18:42:58.016798Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-17T04:24:41.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12502 (GCVE-0-2020-12502)
Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 18:43
VLAI?
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.
Severity ?
8.8 (High)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Affected:
ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
Affected: ES7510-XT , < 2.1.1 (custom) Affected: ES8510 , < 3.1.1 (custom) |
|||||||||||||||||
|
|||||||||||||||||||
Credits
T. Weber (SEC Consult Vulnerability Lab)
Coordinated by CERT@VDE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:11",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12502",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12502",
"datePublished": "2020-10-15T18:42:57.229561Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T18:43:33.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12501 (GCVE-0-2020-12501)
Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-16 19:20
VLAI?
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Affected:
ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
Affected: ES7510-XT , < 2.1.1 (custom) Affected: ES8510 , < 3.1.1 (custom) |
||||||||||||
|
||||||||||||||
Credits
T. Weber (SEC Consult Vulnerability Lab)
Coordinated by CERT@VDE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T16:06:23",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12501",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"name": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12501",
"datePublished": "2020-10-15T18:42:56.306067Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T19:20:40.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12500 (GCVE-0-2020-12500)
Vulnerability from cvelistv5 – Published: 2020-10-15 18:42 – Updated: 2024-09-17 01:10
VLAI?
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Affected:
ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all
Affected: ES7510-XT , < 2.1.1 (custom) Affected: ES8510 , < 3.1.1 (custom) |
||||||||||||
|
||||||||||||||
Credits
T. Weber (SEC Consult Vulnerability Lab)
Coordinated by CERT@VDE
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:13",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12500",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12500",
"datePublished": "2020-10-15T18:42:54.978315Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-17T01:10:49.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7923 (GCVE-0-2015-7923)
Vulnerability from cvelistv5 – Published: 2016-01-30 11:00 – Updated: 2024-08-06 08:06
VLAI?
Summary
Westermo WeOS before 4.19.0 uses the same SSL private key across different customers' installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-028-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Westermo WeOS before 4.19.0 uses the same SSL private key across different customers\u0027 installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-01-30T11:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-028-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Westermo WeOS before 4.19.0 uses the same SSL private key across different customers\u0027 installations, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-028-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-028-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7923",
"datePublished": "2016-01-30T11:00:00",
"dateReserved": "2015-10-22T00:00:00",
"dateUpdated": "2024-08-06T08:06:30.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}