Details of VAR-201403-0340

ID

VAR-201403-0340

CVE

CVE-2014-2246

TITLE

Siemens SIMATIC S7-1500 CPU PLC Device integration Web Server cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2014-001706

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Siemens SIMATIC is an automation software in a single engineering environment. Remote attackers can exploit the vulnerability to build malicious URIs, entice users to parse, obtain sensitive cookies, hijack sessions or perform malicious operations on the client. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to SIMATIC S7-1500 1.5.0 are vulnerable

Trust: 2.7

sources: NVD: CVE-2014-2246 // JVNDB: JVNDB-2014-001706 // CNVD: CNVD-2014-01724 // BID: 66201 // IVD: 2579a7de-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-70185

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 2579a7de-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-01724

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.0.1	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.1	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.0	Trust: 1.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	lte	version:	1.1.2	Trust: 1.0
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	lt	version:	1.5.0	Trust: 0.8
vendor:	siemens	model:	simatic s7-1500	scope:	eq	version:	1.x	Trust: 0.6
vendor:	siemens	model:	simatic s7-1500 cpu	scope:	eq	version:	1.1.2	Trust: 0.6
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.0.1	Trust: 0.2
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.1.0	Trust: 0.2
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	1.1.1	Trust: 0.2
vendor:	simatic s7 1500 cpu	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 2579a7de-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-01724 // JVNDB: JVNDB-2014-001706 // CNNVD: CNNVD-201403-323 // NVD: CVE-2014-2246

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-2246
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-2246
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2014-01724
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201403-323
value:	MEDIUM
Trust: 0.6
IVD:	2579a7de-2352-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-70185
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-2246
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-01724
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	2579a7de-2352-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-70185
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 2579a7de-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-01724 // VULHUB: VHN-70185 // JVNDB: JVNDB-2014-001706 // CNNVD: CNNVD-201403-323 // NVD: CVE-2014-2246

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-70185 // JVNDB: JVNDB-2014-001706 // NVD: CVE-2014-2246

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-323

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201403-323

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001706

PATCH

title:	SSA-456423	url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf	Trust: 0.8
title:	There are patches for unclear cross-site scripting vulnerabilities in Siemens SIMATIC S7-1500	url:	https://www.cnvd.org.cn/patchInfo/show/44306	Trust: 0.6

sources: CNVD: CNVD-2014-01724 // JVNDB: JVNDB-2014-001706

EXTERNAL IDS

db:	NVD	id:	CVE-2014-2246	Trust: 3.6
db:	BID	id:	66201	Trust: 2.6
db:	ICS CERT	id:	ICSA-14-073-01	Trust: 2.5
db:	SIEMENS	id:	SSA-456423	Trust: 2.3
db:	CNNVD	id:	CNNVD-201403-323	Trust: 0.9
db:	CNVD	id:	CNVD-2014-01724	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-001706	Trust: 0.8
db:	IVD	id:	2579A7DE-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-70185	Trust: 0.1

sources: IVD: 2579a7de-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-01724 // VULHUB: VHN-70185 // BID: 66201 // JVNDB: JVNDB-2014-001706 // CNNVD: CNNVD-201403-323 // NVD: CVE-2014-2246

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-14-073-01	Trust: 2.5
url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf	Trust: 2.3
url:	http://www.securityfocus.com/bid/66201	Trust: 1.7
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-456423.pdf	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2246	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2246	Trust: 0.8
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2014-01724 // VULHUB: VHN-70185 // BID: 66201 // JVNDB: JVNDB-2014-001706 // CNNVD: CNNVD-201403-323 // NVD: CVE-2014-2246

CREDITS

Dmitry Serebryannikov, Ilya Karpov, Alexey Osipov, Yury Goltsev, Alex Timorin, Alexey Osipov, and Ilya Karpov from Positive Technologies.

Trust: 0.3

sources: BID: 66201

SOURCES

db:	IVD	id:	2579a7de-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2014-01724
db:	VULHUB	id:	VHN-70185
db:	BID	id:	66201
db:	JVNDB	id:	JVNDB-2014-001706
db:	CNNVD	id:	CNNVD-201403-323
db:	NVD	id:	CVE-2014-2246

LAST UPDATE DATE

2024-11-23T21:45:19.746000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-01724	date:	2014-03-17T00:00:00
db:	VULHUB	id:	VHN-70185	date:	2020-02-10T00:00:00
db:	BID	id:	66201	date:	2014-03-19T02:13:00
db:	JVNDB	id:	JVNDB-2014-001706	date:	2014-03-18T00:00:00
db:	CNNVD	id:	CNNVD-201403-323	date:	2020-02-11T00:00:00
db:	NVD	id:	CVE-2014-2246	date:	2024-11-21T02:05:55.360

SOURCES RELEASE DATE

db:	IVD	id:	2579a7de-2352-11e6-abef-000c29c66e3d	date:	2014-03-17T00:00:00
db:	CNVD	id:	CNVD-2014-01724	date:	2014-03-17T00:00:00
db:	VULHUB	id:	VHN-70185	date:	2014-03-16T00:00:00
db:	BID	id:	66201	date:	2014-03-12T00:00:00
db:	JVNDB	id:	JVNDB-2014-001706	date:	2014-03-18T00:00:00
db:	CNNVD	id:	CNNVD-201403-323	date:	2014-03-19T00:00:00
db:	NVD	id:	CVE-2014-2246	date:	2014-03-16T14:06:45.773