ID

VAR-201609-0482


CVE

CVE-2016-7090


TITLE

Siemens SCALANCE M-800 and S615 Module firmware integration Web Session on server Cookie Vulnerability that is captured

Trust: 0.8

sources: JVNDB: JVNDB-2016-005051

DESCRIPTION

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. The SCALANCE M series are industrial routers used to secure remote access. SIEMENS SCALANCE m-800 / S61 module has an information disclosure vulnerability. Attackers can use vulnerabilities to obtain sensitive information, posing a risk of information leakage. Successful exploits may lead to other attacks. Versions prior to Siemens Scalance M-800 / S615 4.02 are vulnerable. Both Siemens Scalance M-800 and S615 are products of Siemens, Germany. The former is an industrial router and the latter is a firewall

Trust: 2.52

sources: NVD: CVE-2016-7090 // JVNDB: JVNDB-2016-005051 // CNVD: CNVD-2016-07905 // BID: 93115 // VULHUB: VHN-95910

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-07905

AFFECTED PRODUCTS

vendor:siemensmodel:scalance s615scope:lteversion:4.01

Trust: 1.0

vendor:siemensmodel:scalance m-800scope:lteversion:4.01

Trust: 1.0

vendor:siemensmodel:scalance m-800scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance m-800scope:ltversion:4.02

Trust: 0.8

vendor:siemensmodel:scalance s615scope: - version: -

Trust: 0.8

vendor:siemensmodel:scalance s615scope:ltversion:4.02

Trust: 0.8

vendor:siemensmodel:scalance m-800 s615scope:eqversion:/

Trust: 0.6

vendor:siemensmodel:scalance m-800scope:eqversion:4.01

Trust: 0.6

vendor:siemensmodel:scalance s615scope:eqversion:4.01

Trust: 0.6

vendor:siemensmodel:scalance s615scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:eqversion:0

Trust: 0.3

vendor:siemensmodel:scalance s-615scope:neversion:4.02

Trust: 0.3

vendor:siemensmodel:scalance m-800scope:neversion:4.02

Trust: 0.3

sources: CNVD: CNVD-2016-07905 // BID: 93115 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7090
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7090
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-07905
value: LOW

Trust: 0.6

CNNVD: CNNVD-201609-573
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95910
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7090
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-07905
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-95910
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7090
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-07905 // VULHUB: VHN-95910 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-95910 // JVNDB: JVNDB-2016-005051 // NVD: CVE-2016-7090

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-573

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-573

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005051

PATCH

title:SSA-342135url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf

Trust: 0.8

title:Patch for Information disclosure vulnerability in SIEMENS SCALANCE m-800 / S61 moduleurl:https://www.cnvd.org.cn/patchInfo/show/81618

Trust: 0.6

title:Siemens Scalance M-800 and S615 Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64295

Trust: 0.6

sources: CNVD: CNVD-2016-07905 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573

EXTERNAL IDS

db:NVDid:CVE-2016-7090

Trust: 3.4

db:ICS CERTid:ICSA-16-271-01

Trust: 2.8

db:BIDid:93115

Trust: 2.0

db:SIEMENSid:SSA-342135

Trust: 2.0

db:JVNDBid:JVNDB-2016-005051

Trust: 0.8

db:CNNVDid:CNNVD-201609-573

Trust: 0.7

db:CNVDid:CNVD-2016-07905

Trust: 0.6

db:VULHUBid:VHN-95910

Trust: 0.1

sources: CNVD: CNVD-2016-07905 // VULHUB: VHN-95910 // BID: 93115 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-16-271-01

Trust: 2.8

url:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-342135.pdf

Trust: 2.0

url:http://www.securityfocus.com/bid/93115

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7090

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7090

Trust: 0.8

url:http://www.siemens.com/

Trust: 0.3

sources: VULHUB: VHN-95910 // BID: 93115 // JVNDB: JVNDB-2016-005051 // CNNVD: CNNVD-201609-573 // NVD: CVE-2016-7090

CREDITS

Alexander Van Maele and Tijl Deneut from HOWEST.

Trust: 0.9

sources: BID: 93115 // CNNVD: CNNVD-201609-573

SOURCES

db:CNVDid:CNVD-2016-07905
db:VULHUBid:VHN-95910
db:BIDid:93115
db:JVNDBid:JVNDB-2016-005051
db:CNNVDid:CNNVD-201609-573
db:NVDid:CVE-2016-7090

LAST UPDATE DATE

2024-08-14T15:34:48.905000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-07905date:2016-09-23T00:00:00
db:VULHUBid:VHN-95910date:2016-11-28T00:00:00
db:BIDid:93115date:2016-09-28T00:02:00
db:JVNDBid:JVNDB-2016-005051date:2016-10-05T00:00:00
db:CNNVDid:CNNVD-201609-573date:2016-09-30T00:00:00
db:NVDid:CVE-2016-7090date:2016-11-28T20:37:05.437

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-07905date:2016-09-23T00:00:00
db:VULHUBid:VHN-95910date:2016-09-29T00:00:00
db:BIDid:93115date:2016-09-22T00:00:00
db:JVNDBid:JVNDB-2016-005051date:2016-10-05T00:00:00
db:CNNVDid:CNNVD-201609-573date:2016-09-23T00:00:00
db:NVDid:CVE-2016-7090date:2016-09-29T10:59:03.893