ID

VAR-201812-0390


CVE

CVE-2018-16555


TITLE

plural SCALANCE Product cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014529

DESCRIPTION

A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1). The integrated web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. plural SCALANCE The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. SiemensSCALANCES602 and other Siemens are the Ethernet security modules of Siemens. A cross-site scripting vulnerability exists in several Siemens products that can be exploited by a remote attacker to inject arbitrary scripts with malicious links. Siemens SCALANCE S is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. The following products are affected: Siemens SCALANCE S602 versions prior to v4.0.1.1 Siemens SCALANCE S612 versions prior to v4.0.1.1 Siemens SCALANCE S623 versions prior to v4.0.1.1 Siemens SCALANCE S627-2M versions prior to v4.0.1.1

Trust: 2.43

sources: NVD: CVE-2018-16555 // JVNDB: JVNDB-2018-014529 // CNVD: CNVD-2018-25913 // BID: 105937

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-25913

AFFECTED PRODUCTS

vendor:siemensmodel:scalance s623scope:ltversion:4.0.1.1

Trust: 2.4

vendor:siemensmodel:scalance s612scope:ltversion:4.0.1.1

Trust: 2.4

vendor:siemensmodel:scalance s627-2mscope:ltversion:4.0.1.1

Trust: 2.4

vendor:siemensmodel:scalance s602scope:ltversion:4.0.1.1

Trust: 1.4

vendor:siemensmodel:scalance s602scope:ltversion:v4.0.1.1

Trust: 1.0

vendor:siemensmodel:scalance s627-2mscope:eqversion:4.0

Trust: 0.3

vendor:siemensmodel:scalance s623scope:eqversion:4.0

Trust: 0.3

vendor:siemensmodel:scalance s612scope:eqversion:4.0

Trust: 0.3

vendor:siemensmodel:scalance s602scope:eqversion:4.0

Trust: 0.3

vendor:siemensmodel:scalance s627-2mscope:neversion:4.0.1.1

Trust: 0.3

vendor:siemensmodel:scalance s623scope:neversion:4.0.1.1

Trust: 0.3

vendor:siemensmodel:scalance s612scope:neversion:4.0.1.1

Trust: 0.3

vendor:siemensmodel:scalance s602scope:neversion:4.0.1.1

Trust: 0.3

sources: CNVD: CNVD-2018-25913 // BID: 105937 // JVNDB: JVNDB-2018-014529 // NVD: CVE-2018-16555

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16555
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-16555
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-25913
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201811-487
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-16555
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-25913
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-16555
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.3
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-25913 // JVNDB: JVNDB-2018-014529 // CNNVD: CNNVD-201811-487 // NVD: CVE-2018-16555

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

problemtype:CWE-80

Trust: 1.0

sources: JVNDB: JVNDB-2018-014529 // NVD: CVE-2018-16555

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201811-487

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201811-487

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014529

PATCH

title:SSA-242982url:https://cert-portal.siemens.com/productcert/pdf/ssa-242982.pdf

Trust: 0.8

title:Patches for multiple Siemens product cross-site scripting vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/147645

Trust: 0.6

title:Multiple Siemens Fixes for product cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86888

Trust: 0.6

sources: CNVD: CNVD-2018-25913 // JVNDB: JVNDB-2018-014529 // CNNVD: CNNVD-201811-487

EXTERNAL IDS

db:NVDid:CVE-2018-16555

Trust: 3.3

db:BIDid:105937

Trust: 1.9

db:ICS CERTid:ICSA-18-317-04

Trust: 1.7

db:SIEMENSid:SSA-242982

Trust: 1.6

db:JVNDBid:JVNDB-2018-014529

Trust: 0.8

db:CNVDid:CNVD-2018-25913

Trust: 0.6

db:CNNVDid:CNNVD-201811-487

Trust: 0.6

sources: CNVD: CNVD-2018-25913 // BID: 105937 // JVNDB: JVNDB-2018-014529 // CNNVD: CNNVD-201811-487 // NVD: CVE-2018-16555

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-18-317-04

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-242982.pdf

Trust: 1.6

url:http://www.securityfocus.com/bid/105937

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16555

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-16555

Trust: 0.8

url:http://subscriber.communications.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2018-25913 // BID: 105937 // JVNDB: JVNDB-2018-014529 // CNNVD: CNNVD-201811-487 // NVD: CVE-2018-16555

CREDITS

Nelson Berg of Applied Risk

Trust: 0.3

sources: BID: 105937

SOURCES

db:CNVDid:CNVD-2018-25913
db:BIDid:105937
db:JVNDBid:JVNDB-2018-014529
db:CNNVDid:CNNVD-201811-487
db:NVDid:CVE-2018-16555

LAST UPDATE DATE

2024-08-14T15:18:12.911000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-25913date:2018-12-20T00:00:00
db:BIDid:105937date:2018-11-13T00:00:00
db:JVNDBid:JVNDB-2018-014529date:2019-03-26T00:00:00
db:CNNVDid:CNNVD-201811-487date:2019-10-17T00:00:00
db:NVDid:CVE-2018-16555date:2019-10-09T23:36:14.360

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-25913date:2018-12-20T00:00:00
db:BIDid:105937date:2018-11-13T00:00:00
db:JVNDBid:JVNDB-2018-014529date:2019-03-26T00:00:00
db:CNNVDid:CNNVD-201811-487date:2018-11-15T00:00:00
db:NVDid:CVE-2018-16555date:2018-12-13T16:29:00.460