Sign-up

ID

VAR-201904-0637


CVE

CVE-2018-13810


TITLE

CP 1604 and CP 1616 Vulnerable to cross-site request forgery

Trust: 0.8

sources: JVNDB: JVNDB-2018-015273

DESCRIPTION

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. At the time of advisory publication no public exploitation of this vulnerability was known. CP 1604 and CP 1616 Contains a cross-site request forgery vulnerability.Information may be tampered with. The SIEMENS CP1604 is used to connect a PCI-104 system to PROFINET IO. The SIEMENS CP1616 is an innovative product that is installed in a PC for PROFINET communication. Siemens CP1604 and CP1616 are prone to following security vulnerabilities: 1. An information disclosure vulnerability 2. A cross-site-scripting vulnerability 3. A cross-site request-forgery vulnerability Attackers can exploit these issues to obtain sensitive information, or execute arbitrary code or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. The following products and versions are vulnerable: All versions prior to Siemens CP1604 2.8 All versions prior to Siemens CP1616 2.8. The vulnerability stems from the fact that the WEB application does not fully verify whether the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client

Trust: 2.7

sources: NVD: CVE-2018-13810 // JVNDB: JVNDB-2018-015273 // CNVD: CNVD-2019-00989 // BID: 106992 // IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1 // VULHUB: VHN-123907

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1 // CNVD: CNVD-2019-00989

AFFECTED PRODUCTS

vendor:siemensmodel:cp 1604scope:lteversion:2.8

Trust: 1.0

vendor:siemensmodel:cp 1616scope:lteversion:2.8

Trust: 1.0

vendor:siemensmodel:cp 1604scope:ltversion:2.8

Trust: 0.8

vendor:siemensmodel:cp 1616scope:ltversion:2.8

Trust: 0.8

vendor:siemensmodel:cp1604scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cp1616scope:ltversion:v2.8

Trust: 0.6

vendor:siemensmodel:cpscope:eqversion:16162.7.2

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16162.1

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16042.7.2

Trust: 0.3

vendor:siemensmodel:cpscope:eqversion:16042.1

Trust: 0.3

vendor:siemensmodel:cpscope:neversion:16162.8

Trust: 0.3

vendor:siemensmodel:cpscope:neversion:16042.8

Trust: 0.3

vendor:cp 1604model: - scope:eqversion:*

Trust: 0.2

vendor:cp 1616model: - scope:eqversion:*

Trust: 0.2

sources: IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1 // CNVD: CNVD-2019-00989 // BID: 106992 // JVNDB: JVNDB-2018-015273 // NVD: CVE-2018-13810

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13810
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-13810
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-00989
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201902-526
value: MEDIUM

Trust: 0.6

IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-123907
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-13810
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-00989
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-123907
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-13810
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1 // CNVD: CNVD-2019-00989 // VULHUB: VHN-123907 // JVNDB: JVNDB-2018-015273 // CNNVD: CNNVD-201902-526 // NVD: CVE-2018-13810

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-123907 // JVNDB: JVNDB-2018-015273 // NVD: CVE-2018-13810

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-526

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201902-526

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015273

PATCH
title:SSA-559174url:https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Trust: 0.8
title:Patch for cross-site request forgery vulnerability for SIEMENS CP1604 and CP1616 devicesurl:https://www.cnvd.org.cn/patchInfo/show/149597
Trust: 0.6
title:Siemens CP1604  and CP1616 Fixes for cross-site request forgery vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89337
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-00989 // 
            
            
            
            JVNDB: JVNDB-2018-015273 // 
            
            
            
            CNNVD: CNNVD-201902-526

EXTERNAL IDS
db:NVDid:CVE-2018-13810
Trust: 3.6
db:SIEMENSid:SSA-559174
Trust: 2.3
db:ICS CERTid:ICSA-19-043-06
Trust: 1.7
db:CNNVDid:CNNVD-201902-526
Trust: 0.9
db:BIDid:106992
Trust: 0.9
db:CNVDid:CNVD-2019-00989
Trust: 0.8
db:JVNDBid:JVNDB-2018-015273
Trust: 0.8
db:AUSCERTid:ESB-2019.0442
Trust: 0.6
db:IVDid:7D8457DE-463F-11E9-A2A6-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-123907
Trust: 0.1
sources:
            
            
            IVD: 7d8457de-463f-11e9-a2a6-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2019-00989 // 
            
            
            
            VULHUB: VHN-123907 // 
            
            
            
            BID: 106992 // 
            
            
            
            JVNDB: JVNDB-2018-015273 // 
            
            
            
            CNNVD: CNNVD-201902-526 // 
            
            
            
            NVD: CVE-2018-13810

REFERENCES
url:https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2018-13810
Trust: 1.4
url:https://ics-cert.us-cert.gov/advisories/icsa-19-043-06
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13810
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-043-06
Trust: 0.8
url:http://www.securityfocus.com/bid/106992
Trust: 0.6
url:https://www.auscert.org.au/bulletins/75478
Trust: 0.6
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2019-00989 // 
            
            
            
            VULHUB: VHN-123907 // 
            
            
            
            BID: 106992 // 
            
            
            
            JVNDB: JVNDB-2018-015273 // 
            
            
            
            CNNVD: CNNVD-201902-526 // 
            
            
            
            NVD: CVE-2018-13810

CREDITS
The vendor reported this issue.,Siemens reported these vulnerabilities to NCCIC.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-526

SOURCES
db:IVDid:7d8457de-463f-11e9-a2a6-000c29342cb1
db:CNVDid:CNVD-2019-00989
db:VULHUBid:VHN-123907
db:BIDid:106992
db:JVNDBid:JVNDB-2018-015273
db:CNNVDid:CNNVD-201902-526
db:NVDid:CVE-2018-13810

LAST UPDATE DATE
2024-11-23T22:25:57.481000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-00989date:2019-01-10T00:00:00
db:VULHUBid:VHN-123907date:2019-07-11T00:00:00
db:BIDid:106992date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-015273date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201902-526date:2019-07-16T00:00:00
db:NVDid:CVE-2018-13810date:2024-11-21T03:48:06.863

SOURCES RELEASE DATE
db:IVDid:7d8457de-463f-11e9-a2a6-000c29342cb1date:2019-01-10T00:00:00
db:CNVDid:CNVD-2019-00989date:2019-01-10T00:00:00
db:VULHUBid:VHN-123907date:2019-04-17T00:00:00
db:BIDid:106992date:2019-02-12T00:00:00
db:JVNDBid:JVNDB-2018-015273date:2019-05-17T00:00:00
db:CNNVDid:CNNVD-201902-526date:2019-02-12T00:00:00
db:NVDid:CVE-2018-13810date:2019-04-17T14:29:03.230