Sign-up

ID

VAR-201609-0482


CVE

CVE-2016-7090


TITLE

Siemens SCALANCE M-800 and S615 Module firmware integration Web Session on server Cookie Vulnerability that is captured

Trust: 0.8

sources: JVNDB: JVNDB-2016-005051

DESCRIPTION

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. The SCALANCE M series are industrial routers used to secure remote access. SIEMENS SCALANCE m-800 / S61 module has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information, posing a risk of information leakage. Successful exploits may lead to other attacks. Versions prior to Siemens Scalance M-800 / S615 4.02 are vulnerable. Both Siemens Scalance M-800 and S615 are products of Siemens, Germany. The former is an industrial router and the latter is a firewall

Trust: 2.52

sources: NVD: CVE-2016-7090 // JVNDB: JVNDB-2016-005051 // CNVD: CNVD-2016-07905 // BID: 93115 // VULHUB: VHN-95910

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-07905

AFFECTED PRODUCTS

vendor:siemensmodel:scalance s615scope:lteversion:4.01

Trust: 1.0

vendor:siemensmodel:scalance m-800scope:lteversion:4.01

Trust: 1.0

vendor:siemensmodel:scalance m-800scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance m-800scope:ltversion:4.02

Trust: 0.8

vendor:siemensmodel:scalance s615scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance s615scope:ltversion:4.02

Trust: 0.8

vendor:siemensmodel:scalance m-800 s615scope:eqversion:/

Trust: 0.6

vendor:siemensmodel:scalance m-800scope:eqversion:4.01

Trust: 0.6

vendor:siemensmodel:scalance s615scope:eqversion:4.01

Trust: 0.6

vendor:siemensmodel:scalance s615scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance s-615scope:neversion:4.02

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:neversion:4.02

Trust: 0.3

sources: CNVD: CNVD-2016-07905 // BID: 93115 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7090
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7090
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-07905
value: LOW

Trust: 0.6

CNNVD: CNNVD-201609-573
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95910
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7090
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-07905
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-95910
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7090
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-07905 // VULHUB: VHN-95910 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-95910 // JVNDB: JVNDB-2016-005051 // NVD: CVE-2016-7090

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-573

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-573

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-005051

PATCH
title:SSA-342135url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf
Trust: 0.8
title:Patch for Information disclosure vulnerability in SIEMENS SCALANCE m-800 / S61 moduleurl:https://www.cnvd.org.cn/patchInfo/show/81618
Trust: 0.6
title:Siemens Scalance M-800  and S615 Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64295
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-07905 // 
            
            
            
            JVNDB: JVNDB-2016-005051 // 
            
            
            
            CNNVD: CNNVD-201609-573

EXTERNAL IDS
db:NVDid:CVE-2016-7090
Trust: 3.4
db:ICS CERTid:ICSA-16-271-01
Trust: 2.8
db:BIDid:93115
Trust: 2.0
db:SIEMENSid:SSA-342135
Trust: 2.0
db:JVNDBid:JVNDB-2016-005051
Trust: 0.8
db:CNNVDid:CNNVD-201609-573
Trust: 0.7
db:CNVDid:CNVD-2016-07905
Trust: 0.6
db:VULHUBid:VHN-95910
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-07905 // 
            
            
            
            VULHUB: VHN-95910 // 
            
            
            
            BID: 93115 // 
            
            
            
            JVNDB: JVNDB-2016-005051 // 
            
            
            
            CNNVD: CNNVD-201609-573 // 
            
            
            
            NVD: CVE-2016-7090

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-16-271-01
Trust: 2.8
url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf
Trust: 2.0
url:http://www.securityfocus.com/bid/93115
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7090
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7090
Trust: 0.8
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-95910 // 
            
            
            
            BID: 93115 // 
            
            
            
            JVNDB: JVNDB-2016-005051 // 
            
            
            
            CNNVD: CNNVD-201609-573 // 
            
            
            
            NVD: CVE-2016-7090

CREDITS
Alexander Van Maele and Tijl Deneut from HOWEST.
Trust: 0.9
sources:
            
            
            BID: 93115 // 
            
            
            
            CNNVD: CNNVD-201609-573

SOURCES
db:CNVDid:CNVD-2016-07905
db:VULHUBid:VHN-95910
db:BIDid:93115
db:JVNDBid:JVNDB-2016-005051
db:CNNVDid:CNNVD-201609-573
db:NVDid:CVE-2016-7090

LAST UPDATE DATE
2024-08-14T15:34:48.905000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-07905date:2016-09-23T00:00:00
db:VULHUBid:VHN-95910date:2016-11-28T00:00:00
db:BIDid:93115date:2016-09-28T00:02:00
db:JVNDBid:JVNDB-2016-005051date:2016-10-05T00:00:00
db:CNNVDid:CNNVD-201609-573date:2016-09-30T00:00:00
db:NVDid:CVE-2016-7090date:2016-11-28T20:37:05.437

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-07905date:2016-09-23T00:00:00
db:VULHUBid:VHN-95910date:2016-09-29T00:00:00
db:BIDid:93115date:2016-09-22T00:00:00
db:JVNDBid:JVNDB-2016-005051date:2016-10-05T00:00:00
db:CNNVDid:CNNVD-201609-573date:2016-09-23T00:00:00
db:NVDid:CVE-2016-7090date:2016-09-29T10:59:03.893