Vulnerability-Lookup

CVE-2015-10123 (GCVE-0-2015-10123)

Vulnerability from cvelistv5 – Published: 2024-03-13 08:31 – Updated: 2024-10-23 09:40

Title

Wago: Buffer Copy without Checking Size of Input in wbm of multiple products

Summary

An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

CERTVDE

References

1 reference

URL	Tags
https://cert.vde.com/en/advisories/VDE-2023-039/

Impacted products

14 products

Vendor	Product	Version
WAGO	Controller BACnet/IP	Affected: 0 , ≤ FW13 (custom)
WAGO	Controller BACnet MS/TP	Affected: 0 , ≤ FW13 (custom)
WAGO	Ethernet Controller 3rd Generation	Affected: 0 , ≤ FW13 (custom)
WAGO	Fieldbus Coupler Ethernet 3rd Generation	Affected: 0 , ≤ FW13 (custom)
wago	750-352_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-352_firmware::::::::
wago	750-831_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-831_firmware::::::::
wago	750-829_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-829_firmware::::::::
wago	750-852_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-852_firmware::::::::
wago	750-880_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-880_firmware::::::::
wago	750-881_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-881_firmware::::::::
wago	750-882_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-882_firmware::::::::
wago	750-885_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-885_firmware::::::::
wago	750-889_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-889_firmware::::::::
wago	750-884_firmware	Affected: 0 , ≤ FW13 (semver) cpe:2.3:o:wago:750-884_firmware::::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:58:26.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-352_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-831_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-829_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-852_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-880_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-881_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-882_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-885_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-889_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "750-884_firmware",
            "vendor": "wago",
            "versions": [
              {
                "lessThanOrEqual": "FW13",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2015-10123",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T18:34:04.204030Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:37:09.871Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Controller BACnet/IP",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW13",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Controller BACnet MS/TP",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW13",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Ethernet Controller 3rd Generation",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW13",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Ethernet Controller 3rd Generation",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW13",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fieldbus Coupler Ethernet 3rd Generation",
          "vendor": "WAGO",
          "versions": [
            {
              "lessThanOrEqual": "FW13",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\u003cbr\u003e"
            }
          ],
          "value": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T09:40:12.408Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
        }
      ],
      "source": {
        "advisory": "VDE-2023-039",
        "defect": [
          "CERT@VDE#64546"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Wago: Buffer Copy without Checking Size of Input in wbm of multiple products",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2015-10123",
    "datePublished": "2024-03-13T08:31:55.341Z",
    "dateReserved": "2023-09-14T13:00:03.904Z",
    "dateUpdated": "2024-10-23T09:40:12.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2015-10123",
      "date": "2026-06-02",
      "epss": "0.00649",
      "percentile": "0.71165"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\"}, {\"lang\": \"es\", \"value\": \"Un atacante remoto no autenticado podr\\u00eda enviar paquetes espec\\u00edficamente manipulados a un dispositivo afectado. Si un usuario autenticado ve esos datos en una p\\u00e1gina espec\\u00edfica de la administraci\\u00f3n basada en web, se activar\\u00e1 un desbordamiento del b\\u00fafer para obtener acceso completo al dispositivo.\"}]",
      "id": "CVE-2015-10123",
      "lastModified": "2024-11-21T02:24:26.433",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-03-13T09:15:06.633",
      "references": "[{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-039/\", \"source\": \"info@cert.vde.com\"}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-039/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "info@cert.vde.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-120\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-10123\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2024-03-13T09:15:06.633\",\"lastModified\":\"2024-11-21T02:24:26.433\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\"},{\"lang\":\"es\",\"value\":\"Un atacante remoto no autenticado podr\u00eda enviar paquetes espec\u00edficamente manipulados a un dispositivo afectado. Si un usuario autenticado ve esos datos en una p\u00e1gina espec\u00edfica de la administraci\u00f3n basada en web, se activar\u00e1 un desbordamiento del b\u00fafer para obtener acceso completo al dispositivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-039/\",\"source\":\"info@cert.vde.com\"},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-039/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-039/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T08:58:26.532Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2015-10123\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-06T18:34:04.204030Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-352_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-831_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-829_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-852_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-880_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-881_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-882_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-885_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-889_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"wago\", \"product\": \"750-884_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-06T19:33:33.376Z\"}}], \"cna\": {\"title\": \"Wago: Buffer Copy without Checking Size of Input in wbm of multiple products\", \"source\": {\"defect\": [\"CERT@VDE#64546\"], \"advisory\": \"VDE-2023-039\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"WAGO\", \"product\": \"Controller BACnet/IP\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Controller BACnet MS/TP\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Ethernet Controller 3rd Generation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Ethernet Controller 3rd Generation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"WAGO\", \"product\": \"Fieldbus Coupler Ethernet 3rd Generation\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"FW13\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-039/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2024-10-23T09:40:12.408Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2015-10123\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-23T09:40:12.408Z\", \"dateReserved\": \"2023-09-14T13:00:03.904Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2024-03-13T08:31:55.341Z\", \"assignerShortName\": \"CERTVDE\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2015-10123

Vulnerability from fkie_nvd - Published: 2024-03-13 09:15 - Updated: 2026-04-15 00:35

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	info@cert.vde.com	https://cert.vde.com/en/advisories/VDE-2023-039/
	af854a3a-2127-422b-91ae-364da2661108	https://cert.vde.com/en/advisories/VDE-2023-039/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device."
    },
    {
      "lang": "es",
      "value": "Un atacante remoto no autenticado podr\u00eda enviar paquetes espec\u00edficamente manipulados a un dispositivo afectado. Si un usuario autenticado ve esos datos en una p\u00e1gina espec\u00edfica de la administraci\u00f3n basada en web, se activar\u00e1 un desbordamiento del b\u00fafer para obtener acceso completo al dispositivo."
    }
  ],
  "id": "CVE-2015-10123",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "info@cert.vde.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-13T09:15:06.633",
  "references": [
    {
      "source": "info@cert.vde.com",
      "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
    }
  ],
  "sourceIdentifier": "info@cert.vde.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "info@cert.vde.com",
      "type": "Secondary"
    }
  ]
}

GHSA-6QMR-X8PC-Q3R8

Vulnerability from github – Published: 2024-03-13 09:31 – Updated: 2024-03-13 09:31

Details

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-10123"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-13T09:15:06Z",
    "severity": "HIGH"
  },
  "details": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\n",
  "id": "GHSA-6qmr-x8pc-q3r8",
  "modified": "2024-03-13T09:31:22Z",
  "published": "2024-03-13T09:31:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-10123"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2023-039"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2015-10123

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-10123

Aliases

CVE-2015-10123

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-10123",
    "id": "GSD-2015-10123"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-10123"
      ],
      "details": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\n",
      "id": "GSD-2015-10123",
      "modified": "2023-12-13T01:20:06.937937Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "info@cert.vde.com",
        "ID": "CVE-2015-10123",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Controller BACnet/IP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "FW13"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Controller BACnet MS/TP",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "FW13"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Ethernet Controller 3rd Generation",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "FW13"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Fieldbus Coupler Ethernet 3rd Generation",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "FW13"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "WAGO"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-120",
                "lang": "eng",
                "value": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert.vde.com/en/advisories/VDE-2023-039/",
            "refsource": "MISC",
            "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
          }
        ]
      },
      "source": {
        "advisory": "VDE-2023-039",
        "defect": [
          "CERT@VDE#64546"
        ],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.\n"
          },
          {
            "lang": "es",
            "value": "Un atacante remoto no autenticado podr\u00eda enviar paquetes espec\u00edficamente manipulados a un dispositivo afectado. Si un usuario autenticado ve esos datos en una p\u00e1gina espec\u00edfica de la administraci\u00f3n basada en web, se activar\u00e1 un desbordamiento del b\u00fafer para obtener acceso completo al dispositivo."
          }
        ],
        "id": "CVE-2015-10123",
        "lastModified": "2024-03-13T12:33:51.697",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 5.9,
              "source": "info@cert.vde.com",
              "type": "Primary"
            }
          ]
        },
        "published": "2024-03-13T09:15:06.633",
        "references": [
          {
            "source": "info@cert.vde.com",
            "url": "https://cert.vde.com/en/advisories/VDE-2023-039/"
          }
        ],
        "sourceIdentifier": "info@cert.vde.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-120"
              }
            ],
            "source": "info@cert.vde.com",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

VDE-2023-039

Vulnerability from csaf_wagogmbhcokg - Published: 2024-03-13 08:30 - Updated: 2024-03-13 08:30

Summary

Wago: Multiple vulnerabilities in web-based management of multiple products

Notes

Summary: The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning, and updates. The option to change the configuration data via tools or the web-based-management enabled attackers to prepare cross-site-scripting attacks and under specific circumstances perform remote code execution.

Impact: The web-based management of affected products is vulnerable to Reflective Cross-Site Scripting. This can be used to install malicious code and to gain access to confidential information on a System that connects to the WBM after it has been compromised. Additionally, the affected products contain a buffer overflow vulnerability which enables attackers to remotely execute code, which could lead to compromise of data and execution of malicious code.

Mitigation: If not needed, you can deactivate the web-based management to prevent attacks (command line). Disableunused TCP/UDP-ports. Restrict network access to the device. Do not directly connect the device to theinternet.

Remediation: A fix for the affected firmwares will be provided with the following firmware versions: - FW14 installed on 750-352/xxx-xxx - FW14 installed on 750-88x/xxx-xxx - FW14 installed on 750-852 No fix planned for products: <= FW13 installed on 750-831/xxx-xxx <= FW13 installed on 750-829

CVE-2015-10123

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Mitigation If not needed, you can deactivate the web-based management to prevent attacks (command line). Disableunused TCP/UDP-ports. Restrict network access to the device. Do not directly connect the device to theinternet.

Vendor Fix A fix for the affected firmwares will be provided with the following firmware versions: - FW14 installed on 750-352/xxx-xxx - FW14 installed on 750-88x/xxx-xxx - FW14 installed on 750-852 No fix planned for products: <= FW13 installed on 750-831/xxx-xxx <= FW13 installed on 750-829

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

CVE-2018-25090

An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of availability.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-32001		—
Unresolved product id: CSAFPID-32002		—

Known affected 4 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—

References

4 references

URL	Category
https://certvde.com/en/advisories/VDE-2023-039/	self
https://wago.csaf-tp.certvde.com/.well-known/csaf…	self
https://www.wago.com/psirt	external
https://certvde.com/en/advisories/vendor/wago/	external

Acknowledgments

CERT@VDE certvde.com

Nettitude Connor Ford

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "Connor Ford"
        ],
        "organization": "Nettitude",
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning, and updates.\nThe option to change the configuration data via tools or the web-based-management enabled attackers to prepare cross-site-scripting attacks and under specific circumstances perform remote code execution.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The web-based management of affected products is vulnerable to Reflective Cross-Site Scripting. This can be used to install malicious code and to gain access to confidential information on a System that connects to the WBM after it has been compromised.\nAdditionally, the affected products contain a buffer overflow vulnerability which enables attackers to remotely execute code, which could lead to compromise of data and execution of malicious code.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "If not needed, you can deactivate the web-based management to prevent attacks (command line). Disableunused TCP/UDP-ports. Restrict network access to the device. Do not directly connect the device to theinternet.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "A fix for the affected firmwares will be provided with the following firmware versions:\n\n- FW14 installed on\u00a0750-352/xxx-xxx\n- FW14 installed on 750-88x/xxx-xxx\n- FW14 installed on 750-852\n\nNo fix planned for products:\n\n\u003c= FW13 installed on 750-831/xxx-xxx\n\n\u003c= FW13 installed on 750-829",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-039: Wago: Multiple vulnerabilities in web-based management of multiple products - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-039/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-039: Wago: Multiple vulnerabilities in web-based management of multiple products - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2023-039.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.wago.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/wago/"
      }
    ],
    "title": "Wago: Multiple vulnerabilities in web-based management of multiple products",
    "tracking": {
      "aliases": [
        "VDE-2023-039"
      ],
      "current_release_date": "2024-03-13T08:30:00.000Z",
      "generator": {
        "date": "2025-05-05T09:26:55.122Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.24"
        }
      },
      "id": "VDE-2023-039",
      "initial_release_date": "2024-03-13T08:30:00.000Z",
      "revision_history": [
        {
          "date": "2024-03-13T08:30:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Controller BACnet/IP",
                "product": {
                  "name": "Controller BACnet/IP",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-831/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Controller BACnet MS/TP",
                "product": {
                  "name": "Controller BACnet MS/TP",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-829"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Ethernet Controller 3rd Generation",
                "product": {
                  "name": "Ethernet Controller 3rd Generation",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-852",
                      "750-88x/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fieldbus Coupler Ethernet 3rd Generation",
                "product": {
                  "name": "Fieldbus Coupler Ethernet 3rd Generation",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-352/xxx-xxx"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=FW13",
                "product": {
                  "name": "Firmware \u003c=FW13",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "FW14",
                "product": {
                  "name": "Firmware FW14",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Wago"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW13 installed on Controller BACnet/IP",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW13 installed on Controller BACnet MS/TP",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW13 installed on Ethernet Controller 3rd Generation",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW13 installed on Fieldbus Coupler Ethernet 3rd Generation",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW14 installed on Ethernet Controller 3rd Generation",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW14 installed on Fieldbus Coupler Ethernet 3rd Generation",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11004"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-10123",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If not needed, you can deactivate the web-based management to prevent attacks (command line). Disableunused TCP/UDP-ports. Restrict network access to the device. Do not directly connect the device to theinternet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "A fix for the affected firmwares will be provided with the following firmware versions:\n\n- FW14 installed on\u00a0750-352/xxx-xxx\n- FW14 installed on 750-88x/xxx-xxx\n- FW14 installed on 750-852\n\nNo fix planned for products:\n\n\u003c= FW13 installed on 750-831/xxx-xxx\n\n\u003c= FW13 installed on 750-829",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2015-10123"
    },
    {
      "cve": "CVE-2018-25090",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required.\u00a0This leads to a limited impact of confidentiality and integrity but no impact of availability.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If not needed, you can deactivate the web-based management to prevent attacks (command line). Disableunused TCP/UDP-ports. Restrict network access to the device. Do not directly connect the device to theinternet.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "A fix for the affected firmwares will be provided with the following firmware versions:\n\n- FW14 installed on\u00a0750-352/xxx-xxx\n- FW14 installed on 750-88x/xxx-xxx\n- FW14 installed on 750-852\n\nNo fix planned for products:\n\n\u003c= FW13 installed on 750-831/xxx-xxx\n\n\u003c= FW13 installed on 750-829",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.4,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.4,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2018-25090"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-10123 (GCVE-0-2015-10123)

FKIE_CVE-2015-10123

GHSA-6QMR-X8PC-Q3R8

GSD-2015-10123

VDE-2023-039

Tags

Sightings

Nomenclature