VDE-2022-056
Vulnerability from csaf_weidmuellerinterfacegmbhcokg - Published: 2022-12-14 07:00 - Updated: 2022-12-14 07:00
Summary
Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability
Notes
Summary: A JavaScript injection vulnerability has been discovered in the XML editing system SCHEMA ST4 onlinehelp by Quanos Solutions GmbH. For details refer to the CVE. This vulnerability may allow an attacker to inject JavaScript code via URL into the affected products.
Impact: This vulnerability may allow an attacker to inject JavaScript code via URL into the affected products.
As the affected products require authentication, exploiting this vulnerability would require an attacker to trick a logged-in user into opening a malicious link.
Exploitation of this vulnerability may, for example, result in a DoS of the affected products, access to sensitive information, or administrative access.
Mitigation: If the remediation cannot be implemented in a timely manner, Weidmueller strongly recommends that the authenticated user logged in to the product does not click on links from external sources.
Remediation: Weidmueller strongly recommends that customers install a patched firmware which fixes this vulnerability.
The fixed firmware for each affected product, version 1.17.0 or later, can be obtained from weidmueller.com.
Quanos "SCHEMA ST4" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection, allowing a remote attacker to hijack existing sessions to, e.g., other web services in the same environment or to execute scripts in the user's browser environment. The affected script is '*-schema.js'.
CVSS v3.1 base score: 6.1 (Medium)
Mitigation
If the remediation cannot be implemented in a timely manner, Weidmueller strongly recommends that the authenticated user logged in to the product does not click on links from external sources.
Vendor Fix
Weidmueller strongly recommends that customers install a patched firmware which fixes this vulnerability.
The fixed firmware for each affected product, version 1.17.0 or later, can be obtained from weidmueller.com.
Acknowledgments
CERT@VDE
certvde.com
Quanos Solutions GmbH
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "Quanos Solutions GmbH",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A JavaScript injection vulnerability has been discovered in the XML editing system SCHEMA ST4 onlinehelp by Quanos Solutions GmbH. For details refer to CVE.This vulnerability may allow an attacker to inject JavaScript code via URL to the affected products",
"title": "Summary"
},
{
"category": "description",
"text": "This vulnerability may allow an attacker to inject JavaScript code via\u00a0URL to the affected products.\nAs the affected products require authentication, exploiting this vulnerability would require an attacker to trick a logged in user into executing a malicious link.\nExploitation of this vulnerability may e.g. result in DoS of affected products or gaining access to sensitive information or gaining administrative access.",
"title": "Impact"
},
{
"category": "description",
"text": "If the remediation cannot be implemented in a timely manner, Weidmueller strongly recommends that the authenticated user logged in to the product does not click on links from external sources.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Weidmueller strongly recommends customers to install a\u00a0patched\u00a0firmware which fixes this vulnerability.\nThe fixed firmware for each affected product with at least version 1.17.0 can be obtained from weidmueller.com.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@weidmueller.com",
"name": "Weidmueller Interface GmbH \u0026 Co. KG",
"namespace": "https://www.weidmueller.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2022-056: Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-056/"
},
{
"category": "self",
"summary": "VDE-2022-056: Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability - CSAF",
"url": "https://weidmueller.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-056.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.weidmueller.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Weidmueller Interface GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/weidmueller/"
}
],
"title": "Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability",
"tracking": {
"aliases": [
"VDE-2022-056"
],
"current_release_date": "2022-12-14T07:00:00.000Z",
"generator": {
"date": "2025-05-07T08:14:06.005Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "VDE-2022-056",
"initial_release_date": "2022-12-14T07:00:00.000Z",
"revision_history": [
{
"date": "2022-12-14T07:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "19 IOT MD01 LAN H4 S0011 (contains IoT-GW30)",
"product": {
"name": "19 IOT MD01 LAN H4 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"8000075041"
]
}
}
},
{
"category": "product_name",
"name": "FP IOT MD01 4EU S2 00000 (contains IoT-GW30-4G-EU)",
"product": {
"name": "FP IOT MD01 4EU S2 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"8000058270"
]
}
}
},
{
"category": "product_name",
"name": "FP IOT MD01 LAN S2 00000 (contains IoT-GW30)",
"product": {
"name": "FP IOT MD01 LAN S2 00000 (contains IoT-GW30)",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"8000058603"
]
}
}
},
{
"category": "product_name",
"name": "FP IOT MD01 LAN S2 S0011 (contains IoT-GW30)",
"product": {
"name": "FP IOT MD01 LAN S2 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"8000055224"
]
}
}
},
{
"category": "product_name",
"name": "FP IOT MD02 4EU S3 00000 (contains IoT-GW30-4G-EU)",
"product": {
"name": "FP IOT MD02 4EU S3 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"8000058282"
]
}
}
},
{
"category": "product_name",
"name": "IoT-GW30",
"product": {
"name": "IoT-GW30",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"2682620000"
]
}
}
},
{
"category": "product_name",
"name": "IoT-GW30-4G-EU",
"product": {
"name": "IoT-GW30-4G-EU",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"2682630000"
]
}
}
},
{
"category": "product_name",
"name": "UC20-WL2000-AC",
"product": {
"name": "UC20-WL2000-AC",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"1334950000"
]
}
}
},
{
"category": "product_name",
"name": "UC20-WL2000-IOT",
"product": {
"name": "UC20-WL2000-IOT",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1334990000"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c=1.16.0",
"product": {
"name": "Firmware \u003c=1.16.0",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version",
"name": "1.17.0",
"product": {
"name": "Firmware 1.17.0",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Weidmueller"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on 19 IOT MD01 LAN H4 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on FP IOT MD01 4EU S2 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on FP IOT MD01 LAN S2 00000 (contains IoT-GW30)",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on FP IOT MD01 LAN S2 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on FP IOT MD02 4EU S3 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=1.16.0 installed on IoT-GW30",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=1.16.0 installed on IoT-GW30-4G-EU",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=1.16.0 installed on UC20-WL2000-AC",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=1.16.0 installed on UC20-WL2000-IOT",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on 19 IOT MD01 LAN H4 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on FP IOT MD01 4EU S2 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on FP IOT MD01 LAN S2 00000 (contains IoT-GW30)",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on FP IOT MD01 LAN S2 S0011 (contains IoT-GW30)",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on FP IOT MD02 4EU S3 00000 (contains IoT-GW30-4G-EU)",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on IoT-GW30",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on IoT-GW30-4G-EU",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on UC20-WL2000-AC",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.17.0 installed on UC20-WL2000-IOT",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3073",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "description",
"text": "Quanos \"SCHEMA ST4\" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is \u0027*-schema.js\u0027.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "If the remediation cannot be implemented in a timely manner, Weidmueller strongly recommends that the authenticated user logged in to the product does not click on links from external sources.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Weidmueller strongly recommends customers to install a\u00a0patched\u00a0firmware which fixes this vulnerability.\nThe fixed firmware for each affected product with at least version 1.17.0 can be obtained from weidmueller.com.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-3073"
}
]
}