VAR-201609-0482
Vulnerability from variot - Updated: 2023-12-18 13:44The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. The SCALANCE M series are industrial routers used to secure remote access.
SIEMENS SCALANCE m-800 / S61 module has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information, posing a risk of information leakage. Successful exploits may lead to other attacks. Versions prior to Siemens Scalance M-800 / S615 4.02 are vulnerable. Both Siemens Scalance M-800 and S615 are products of Siemens, Germany. The former is an industrial router and the latter is a firewall
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0482",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance s615",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.01"
},
{
"model": "scalance m-800",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.01"
},
{
"model": "scalance m-800",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m-800",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "4.02"
},
{
"model": "scalance s615",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "scalance s615",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "4.02"
},
{
"model": "scalance m-800 s615",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "/"
},
{
"model": "scalance m-800",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.01"
},
{
"model": "scalance s615",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.01"
},
{
"model": "scalance s615",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance m-800",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "scalance s-615",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.02"
},
{
"model": "scalance m-800",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.02"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "BID",
"id": "93115"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7090"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Van Maele and Tijl Deneut from HOWEST.",
"sources": [
{
"db": "BID",
"id": "93115"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
],
"trust": 0.9
},
"cve": "CVE-2016-7090",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-7090",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2016-07905",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-95910",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-7090",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7090",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-07905",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-573",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-95910",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "VULHUB",
"id": "VHN-95910"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. The SCALANCE M series are industrial routers used to secure remote access. \n\nSIEMENS SCALANCE m-800 / S61 module has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information, posing a risk of information leakage. Successful exploits may lead to other attacks. \nVersions prior to Siemens Scalance M-800 / S615 4.02 are vulnerable. Both Siemens Scalance M-800 and S615 are products of Siemens, Germany. The former is an industrial router and the latter is a firewall",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "BID",
"id": "93115"
},
{
"db": "VULHUB",
"id": "VHN-95910"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7090",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-16-271-01",
"trust": 2.8
},
{
"db": "BID",
"id": "93115",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-342135",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-07905",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-95910",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "VULHUB",
"id": "VHN-95910"
},
{
"db": "BID",
"id": "93115"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"id": "VAR-201609-0482",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "VULHUB",
"id": "VHN-95910"
}
],
"trust": 1.3377283
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
}
]
},
"last_update_date": "2023-12-18T13:44:12.219000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-342135",
"trust": 0.8,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf"
},
{
"title": "Patch for Information disclosure vulnerability in SIEMENS SCALANCE m-800 / S61 module",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81618"
},
{
"title": "Siemens Scalance M-800 and S615 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64295"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95910"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-271-01"
},
{
"trust": 2.0,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/93115"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7090"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7090"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95910"
},
{
"db": "BID",
"id": "93115"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"db": "VULHUB",
"id": "VHN-95910"
},
{
"db": "BID",
"id": "93115"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"date": "2016-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-95910"
},
{
"date": "2016-09-22T00:00:00",
"db": "BID",
"id": "93115"
},
{
"date": "2016-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"date": "2016-09-29T10:59:03.893000",
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"date": "2016-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07905"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-95910"
},
{
"date": "2016-09-28T00:02:00",
"db": "BID",
"id": "93115"
},
{
"date": "2016-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005051"
},
{
"date": "2016-11-28T20:37:05.437000",
"db": "NVD",
"id": "CVE-2016-7090"
},
{
"date": "2016-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SCALANCE M-800 and S615 Module firmware integration Web Session on server Cookie Vulnerability that is captured",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005051"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-573"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…