Sign-up

ID

VAR-201904-0636


CVE

CVE-2018-13809


TITLE

CP 1604 and CP 1616 Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2018-015275

DESCRIPTION

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known. CP 1604 and CP 1616 Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. The SIEMENS CP1604 is used to connect a PCI-104 system to PROFINET IO. The SIEMENS CP1616 is an innovative product that is installed in a PC for PROFINET communication. A cross-site scripting vulnerability exists in the SIEMENS CP1604 and CP1616 devices. An attacker could exploit a vulnerability to make a trusted user spoofed to track a malicious link. Siemens CP1604 and CP1616 are prone to following security vulnerabilities: 1. An information disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A cross-site request-forgery vulnerability Attackers can exploit these issues to obtain sensitive information, or execute arbitrary code or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. The following products and versions are vulnerable: All versions prior to Siemens CP1604 2.8 All versions prior to Siemens CP1616 2.8. The vulnerability stems from the lack of correct verification of client data in WEB applications

Trust: 2.7

sources: NVD: CVE-2018-13809 // JVNDB: JVNDB-2018-015275 // CNVD: CNVD-2019-00988 // BID: 106992 // IVD: 7d8457df-463f-11e9-8e53-000c29342cb1 // VULHUB: VHN-123905

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d8457df-463f-11e9-8e53-000c29342cb1 // CNVD: CNVD-2019-00988

AFFECTED PRODUCTS

vendor:siemensmodel:cp 1604scope:lteversion:2.8

Trust: 1.0

vendor:siemensmodel:cp 1616scope:lteversion:2.8

Trust: 1.0

vendor:siemensmodel:cp 1604scope:ltversion:2.8

Trust: 0.8

vendor:siemensmodel:cp 1616scope:ltversion:2.8

Trust: 0.8

vendor:siemensmodel:cp1604scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cp1616scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cpscope:eqversion:16162.7.2

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16162.1

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16042.7.2

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16042.1

Trust: 0.3

vendor:siemensmodel:cpscope:neversion:16162.8

Trust: 0.3

vendor:siemensmodel:cpscope:neversion:16042.8

Trust: 0.3

vendor:cp 1604model: - scope:eqversion:*

Trust: 0.2

vendor:cp 1616model: - scope:eqversion:*

Trust: 0.2

sources: IVD: 7d8457df-463f-11e9-8e53-000c29342cb1 // CNVD: CNVD-2019-00988 // BID: 106992 // JVNDB: JVNDB-2018-015275 // NVD: CVE-2018-13809

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13809
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-13809
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-00988
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201902-524
value: MEDIUM

Trust: 0.6

IVD: 7d8457df-463f-11e9-8e53-000c29342cb1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-123905
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-13809
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-00988
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d8457df-463f-11e9-8e53-000c29342cb1
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-123905
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-13809
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: IVD: 7d8457df-463f-11e9-8e53-000c29342cb1 // CNVD: CNVD-2019-00988 // VULHUB: VHN-123905 // JVNDB: JVNDB-2018-015275 // CNNVD: CNNVD-201902-524 // NVD: CVE-2018-13809

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-123905 // JVNDB: JVNDB-2018-015275 // NVD: CVE-2018-13809

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-524

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201902-524

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015275

PATCH
title:SSA-559174url:https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Trust: 0.8
title:Patch for SIEMENS CP1604 and CP1616 device cross-site scripting vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/149595
Trust: 0.6
title:Siemens CP1604  and CP1616 Fixes for cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89335
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-00988 // 
            
            
            
            JVNDB: JVNDB-2018-015275 // 
            
            
            
            CNNVD: CNNVD-201902-524

EXTERNAL IDS
db:NVDid:CVE-2018-13809
Trust: 3.6
db:SIEMENSid:SSA-559174
Trust: 2.3
db:ICS CERTid:ICSA-19-043-06
Trust: 1.7
db:CNNVDid:CNNVD-201902-524
Trust: 0.9
db:BIDid:106992
Trust: 0.9
db:CNVDid:CNVD-2019-00988
Trust: 0.8
db:JVNDBid:JVNDB-2018-015275
Trust: 0.8
db:AUSCERTid:ESB-2019.0442
Trust: 0.6
db:IVDid:7D8457DF-463F-11E9-8E53-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-123905
Trust: 0.1
sources:
            
            
            IVD: 7d8457df-463f-11e9-8e53-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2019-00988 // 
            
            
            
            VULHUB: VHN-123905 // 
            
            
            
            BID: 106992 // 
            
            
            
            JVNDB: JVNDB-2018-015275 // 
            
            
            
            CNNVD: CNNVD-201902-524 // 
            
            
            
            NVD: CVE-2018-13809

REFERENCES
url:https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2018-13809
Trust: 1.4
url:https://ics-cert.us-cert.gov/advisories/icsa-19-043-06
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13809
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-043-06
Trust: 0.8
url:http://www.securityfocus.com/bid/106992
Trust: 0.6
url:https://www.auscert.org.au/bulletins/75478
Trust: 0.6
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2019-00988 // 
            
            
            
            VULHUB: VHN-123905 // 
            
            
            
            BID: 106992 // 
            
            
            
            JVNDB: JVNDB-2018-015275 // 
            
            
            
            CNNVD: CNNVD-201902-524 // 
            
            
            
            NVD: CVE-2018-13809

CREDITS
The vendor reported this issue.,Siemens reported these vulnerabilities to NCCIC.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-524

SOURCES
db:IVDid:7d8457df-463f-11e9-8e53-000c29342cb1
db:CNVDid:CNVD-2019-00988
db:VULHUBid:VHN-123905
db:BIDid:106992
db:JVNDBid:JVNDB-2018-015275
db:CNNVDid:CNNVD-201902-524
db:NVDid:CVE-2018-13809

LAST UPDATE DATE
2024-11-23T22:25:57.521000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-00988date:2019-01-10T00:00:00
db:VULHUBid:VHN-123905date:2019-07-11T00:00:00
db:BIDid:106992date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-015275date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201902-524date:2019-07-16T00:00:00
db:NVDid:CVE-2018-13809date:2024-11-21T03:48:06.697

SOURCES RELEASE DATE
db:IVDid:7d8457df-463f-11e9-8e53-000c29342cb1date:2019-01-10T00:00:00
db:CNVDid:CNVD-2019-00988date:2019-01-10T00:00:00
db:VULHUBid:VHN-123905date:2019-04-17T00:00:00
db:BIDid:106992date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-015275date:2019-05-17T00:00:00
db:CNNVDid:CNNVD-201902-524date:2019-02-12T00:00:00
db:NVDid:CVE-2018-13809date:2019-04-17T14:29:02.840