CVE-2024-6456 (GCVE-0-2024-6456)
Vulnerability from cvelistv5 – Published: 2024-08-15 20:10 – Updated: 2024-08-16 13:32
VLAI?
Title
SQL Injection vulnerability in AVEVA Historian Server
Summary
AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AVEVA | Historian Web Server |
Affected:
2023R2
Affected: 2023 , < 2023 P03 (custom) Affected: 2020 , < 2020 R2 SP1 P01 (custom) |
Credits
Maurizio Gatti from Accenture S.p.A reported this vulnerability to AVEVA.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "historian",
"vendor": "aveva",
"versions": [
{
"lessThan": "2020_r2_sp1_p01",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:aveva:historian:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "historian",
"vendor": "aveva",
"versions": [
{
"lessThan": "2023_p03",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:aveva:historian:2023r2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "historian",
"vendor": "aveva",
"versions": [
{
"status": "affected",
"version": "2023r2"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6456",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T13:26:10.793548Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T13:32:49.662Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Historian Web Server",
"vendor": "AVEVA",
"versions": [
{
"status": "affected",
"version": "2023R2"
},
{
"lessThan": "2023 P03",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2020 R2 SP1 P01",
"status": "affected",
"version": "2020",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maurizio Gatti from Accenture S.p.A reported this vulnerability to AVEVA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL."
}
],
"value": "AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T20:10:58.586Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users with affected product versions should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eAVEVA recommends Historian is upgraded by AVEVA System Platform media:\u003c/p\u003e\u003cul\u003e\u003cli\u003e(Recommended) All affected versions can be fixed by upgrading to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/producthub/details?id=f9477c62-1966-4020-8909-fa20f4ef2b2b\"\u003eAVEVA System Platform 2023 R2 P01\u003c/a\u003e\u003c/li\u003e\u003cli\u003e(Alternative 1) Historian 2023 through 2023 P03 can be fixed by upgrading to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/producthub/details?id=2a9cc3c1-be8a-4f61-8973-dadab079f9a7\"\u003eAVEVA System Platform 2023 P04\u003c/a\u003e\u003c/li\u003e\u003cli\u003e(Alternative 2) Historian 2020 R2 through 2020 R2 SP1 P01 can be fixed by first upgrading to AVEVA System Platform 2020 R2 SP1 P01 and then applying Hotfix 3190476. Please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Global Customer Support\u003c/a\u003e\u0026nbsp;for instructions on how to download and apply this security fix.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eAVEVA also recommends the following general defensive measures:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEstablish procedures for Historian REST Interface users to verify the source of URLs shared with them is trusted before opening.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/en/support/support-contact/\"\u003eAVEVA Customer Support\u003c/a\u003e. If you discover errors or omissions in this advisory, please report the finding to Support.\u003c/p\u003e\u003cp\u003eFor the latest AVEVA security information and security updates, please visit \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://softwaresupportsp.aveva.com/#/securitycentral\"\u003eAVEVA Security Central\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAveva recommends users looking for general information regarding how to secure Industrial Control Systems reference the NIST Guide to Operational Technology (OT) Security, \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf\"\u003eNIST SP800-82r3\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eFor more information, see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-005.pdf\"\u003eAVEVA\u0027s Security Bulletin AVEVA-2024-005.\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users with affected product versions should apply security updates as soon as possible.\n\nAVEVA recommends Historian is upgraded by AVEVA System Platform media:\n\n * (Recommended) All affected versions can be fixed by upgrading to AVEVA System Platform 2023 R2 P01 https://softwaresupportsp.aveva.com/#/producthub/details \n * (Alternative 1) Historian 2023 through 2023 P03 can be fixed by upgrading to AVEVA System Platform 2023 P04 https://softwaresupportsp.aveva.com/#/producthub/details \n * (Alternative 2) Historian 2020 R2 through 2020 R2 SP1 P01 can be fixed by first upgrading to AVEVA System Platform 2020 R2 SP1 P01 and then applying Hotfix 3190476. Please contact AVEVA Global Customer Support https://www.aveva.com/en/support/support-contact/ \u00a0for instructions on how to download and apply this security fix.\n\n\nAVEVA also recommends the following general defensive measures:\n\n * Establish procedures for Historian REST Interface users to verify the source of URLs shared with them is trusted before opening.\n\n\nFor information on how to reach AVEVA support for your product, please refer to this link: AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ . If you discover errors or omissions in this advisory, please report the finding to Support.\n\nFor the latest AVEVA security information and security updates, please visit AVEVA Security Central https://softwaresupportsp.aveva.com/#/securitycentral .\n\nAveva recommends users looking for general information regarding how to secure Industrial Control Systems reference the NIST Guide to Operational Technology (OT) Security, NIST SP800-82r3 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf .\n\nFor more information, see AVEVA\u0027s Security Bulletin AVEVA-2024-005. https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-005.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL Injection vulnerability in AVEVA Historian Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-6456",
"datePublished": "2024-08-15T20:10:58.586Z",
"dateReserved": "2024-07-02T18:09:17.280Z",
"dateUpdated": "2024-08-16T13:32:49.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.\"}, {\"lang\": \"es\", \"value\": \" AVEVA Historian Server tiene una vulnerabilidad que, si se explota, podr\\u00eda permitir que un comando SQL malicioso se ejecute bajo los privilegios de un usuario interactivo de la interfaz REST de Historian que hab\\u00eda sido dise\\u00f1ado socialmente por un malhechor para abrir una URL especialmente manipulada.\"}]",
"id": "CVE-2024-6456",
"lastModified": "2024-08-19T13:00:23.117",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"ACTIVE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"NONE\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}]}",
"published": "2024-08-15T21:15:18.047",
"references": "[{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10\", \"source\": \"ics-cert@hq.dhs.gov\"}]",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-6456\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2024-08-15T21:15:18.047\",\"lastModified\":\"2024-08-19T13:00:23.117\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.\"},{\"lang\":\"es\",\"value\":\" AVEVA Historian Server tiene una vulnerabilidad que, si se explota, podr\u00eda permitir que un comando SQL malicioso se ejecute bajo los privilegios de un usuario interactivo de la interfaz REST de Historian que hab\u00eda sido dise\u00f1ado socialmente por un malhechor para abrir una URL especialmente manipulada.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10\",\"source\":\"ics-cert@hq.dhs.gov\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-6456\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-16T13:26:10.793548Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:aveva:historian:2020:-:*:*:*:*:*:*\"], \"vendor\": \"aveva\", \"product\": \"historian\", \"versions\": [{\"status\": \"affected\", \"version\": \"2020\", \"lessThan\": \"2020_r2_sp1_p01\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:aveva:historian:2023:*:*:*:*:*:*:*\"], \"vendor\": \"aveva\", \"product\": \"historian\", \"versions\": [{\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023_p03\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:aveva:historian:2023r2:*:*:*:*:*:*:*\"], \"vendor\": \"aveva\", \"product\": \"historian\", \"versions\": [{\"status\": \"affected\", \"version\": \"2023r2\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-16T13:32:44.071Z\"}}], \"cna\": {\"title\": \"SQL Injection vulnerability in AVEVA Historian Server\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Maurizio Gatti from Accenture S.p.A reported this vulnerability to AVEVA.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.5, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"AVEVA\", \"product\": \"Historian Web Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2023R2\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023 P03\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2020\", \"lessThan\": \"2020 R2 SP1 P01\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"AVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users with affected product versions should apply security updates as soon as possible.\\n\\nAVEVA recommends Historian is upgraded by AVEVA System Platform media:\\n\\n * (Recommended) All affected versions can be fixed by upgrading to AVEVA System Platform 2023 R2 P01 https://softwaresupportsp.aveva.com/#/producthub/details \\n * (Alternative 1) Historian 2023 through 2023 P03 can be fixed by upgrading to AVEVA System Platform 2023 P04 https://softwaresupportsp.aveva.com/#/producthub/details \\n * (Alternative 2) Historian 2020 R2 through 2020 R2 SP1 P01 can be fixed by first upgrading to AVEVA System Platform 2020 R2 SP1 P01 and then applying Hotfix 3190476. Please contact AVEVA Global Customer Support https://www.aveva.com/en/support/support-contact/ \\u00a0for instructions on how to download and apply this security fix.\\n\\n\\nAVEVA also recommends the following general defensive measures:\\n\\n * Establish procedures for Historian REST Interface users to verify the source of URLs shared with them is trusted before opening.\\n\\n\\nFor information on how to reach AVEVA support for your product, please refer to this link: AVEVA Customer Support https://www.aveva.com/en/support/support-contact/ . If you discover errors or omissions in this advisory, please report the finding to Support.\\n\\nFor the latest AVEVA security information and security updates, please visit AVEVA Security Central https://softwaresupportsp.aveva.com/#/securitycentral .\\n\\nAveva recommends users looking for general information regarding how to secure Industrial Control Systems reference the NIST Guide to Operational Technology (OT) Security, NIST SP800-82r3 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf .\\n\\nFor more information, see AVEVA\u0027s Security Bulletin AVEVA-2024-005. https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-005.pdf\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eAVEVA recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Users with affected product versions should apply security updates as soon as possible.\u003c/p\u003e\u003cp\u003eAVEVA recommends Historian is upgraded by AVEVA System Platform media:\u003c/p\u003e\u003cul\u003e\u003cli\u003e(Recommended) All affected versions can be fixed by upgrading to \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://softwaresupportsp.aveva.com/#/producthub/details?id=f9477c62-1966-4020-8909-fa20f4ef2b2b\\\"\u003eAVEVA System Platform 2023 R2 P01\u003c/a\u003e\u003c/li\u003e\u003cli\u003e(Alternative 1) Historian 2023 through 2023 P03 can be fixed by upgrading to \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://softwaresupportsp.aveva.com/#/producthub/details?id=2a9cc3c1-be8a-4f61-8973-dadab079f9a7\\\"\u003eAVEVA System Platform 2023 P04\u003c/a\u003e\u003c/li\u003e\u003cli\u003e(Alternative 2) Historian 2020 R2 through 2020 R2 SP1 P01 can be fixed by first upgrading to AVEVA System Platform 2020 R2 SP1 P01 and then applying Hotfix 3190476. Please contact \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.aveva.com/en/support/support-contact/\\\"\u003eAVEVA Global Customer Support\u003c/a\u003e\u0026nbsp;for instructions on how to download and apply this security fix.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eAVEVA also recommends the following general defensive measures:\u003c/p\u003e\u003cul\u003e\u003cli\u003eEstablish procedures for Historian REST Interface users to verify the source of URLs shared with them is trusted before opening.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor information on how to reach AVEVA support for your product, please refer to this link: \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.aveva.com/en/support/support-contact/\\\"\u003eAVEVA Customer Support\u003c/a\u003e. If you discover errors or omissions in this advisory, please report the finding to Support.\u003c/p\u003e\u003cp\u003eFor the latest AVEVA security information and security updates, please visit \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://softwaresupportsp.aveva.com/#/securitycentral\\\"\u003eAVEVA Security Central\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAveva recommends users looking for general information regarding how to secure Industrial Control Systems reference the NIST Guide to Operational Technology (OT) Security, \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf\\\"\u003eNIST SP800-82r3\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eFor more information, see \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2024-005.pdf\\\"\u003eAVEVA\u0027s Security Bulletin AVEVA-2024-005.\u003c/a\u003e\u003c/p\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-24-228-10\", \"tags\": [\"government-resource\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2024-08-15T20:10:58.586Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-6456\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-16T13:32:49.662Z\", \"dateReserved\": \"2024-07-02T18:09:17.280Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2024-08-15T20:10:58.586Z\", \"assignerShortName\": \"icscert\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…