FKIE_CVE-2018-4065

Vulnerability from fkie_nvd - Published: 2019-05-06 19:29 - Updated: 2024-11-21 04:06
Severity ?
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim's browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability.
References
talos-cna@cisco.comhttp://packetstormsecurity.com/files/152650/Sierra-Wireless-AirLink-ES450-ACEManager-ping_result.cgi-Cross-Site-Scripting.html
talos-cna@cisco.comhttp://www.securityfocus.com/bid/108147
talos-cna@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-19-122-03
talos-cna@cisco.comhttps://talosintelligence.com/vulnerability_reports/TALOS-2018-0750Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/152650/Sierra-Wireless-AirLink-ES450-ACEManager-ping_result.cgi-Cross-Site-Scripting.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108147
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03
af854a3a-2127-422b-91ae-364da2661108https://talosintelligence.com/vulnerability_reports/TALOS-2018-0750Exploit, Third Party Advisory
Impacted products
Vendor Product Version
sierrawireless airlink_es450_firmware 4.9.3
sierrawireless airlink_es450 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sierrawireless:airlink_es450_firmware:4.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67419F-92AF-48DF-873D-F9E0190BFFD0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E042BE5-9B2E-42B9-B455-FDB35251B0A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim\u0027s browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Corss-Site Scripting explotable en la funcionalidad ACEManager ping_result.cgi de Sierra Wireless AirLink ES450 FW 4.9.3. Una petici\u00f3n HTTP especialmente creado puede causar la ejecuci\u00f3n de c\u00f3digo javascript reflejado, resultando en la ejecuci\u00f3n de c\u00f3digo javascript en el navegador del v\u00edctima. Un atacante puede conseguir que una v\u00edctima haga clic en un enlace, o URL embebida, que redirija a la vulnerabilidad Corss-Site Scripting reflejada para disparar esta vulnerabilidad."
    }
  ],
  "id": "CVE-2018-4065",
  "lastModified": "2024-11-21T04:06:40.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-06T19:29:00.700",
  "references": [
    {
      "source": "talos-cna@cisco.com",
      "url": "http://packetstormsecurity.com/files/152650/Sierra-Wireless-AirLink-ES450-ACEManager-ping_result.cgi-Cross-Site-Scripting.html"
    },
    {
      "source": "talos-cna@cisco.com",
      "url": "http://www.securityfocus.com/bid/108147"
    },
    {
      "source": "talos-cna@cisco.com",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
    },
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0750"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/152650/Sierra-Wireless-AirLink-ES450-ACEManager-ping_result.cgi-Cross-Site-Scripting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0750"
    }
  ],
  "sourceIdentifier": "talos-cna@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.