Automated Logic WebCTRL URL Redirection to Untrusted Site (CVE-2022-1019)

medium Tenable OT Security Plugin ID 500965

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malicious file.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Carrier recommends users contact an Automated Logic dealer for instructions to download the latest version of WebCTRL.

Carrier also recommends the following manual workaround:

- An administrator can add the CSP header/meta tag to each “index.htm” file in each of the directories under “<install_dir>/webroot/_common/lvl5/help/*”
- Example would read: <meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src 'self' data:;
font-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'">

Please see Carrier product security advisory CARR-PSA-001-1121 for more information.

See Also

http://www.nessus.org/u?5b5b2471

https://www.cisa.gov/news-events/ics-advisories/icsa-22-109-02

Plugin Details

Severity: Medium

ID: 500965

Version: 1.9

Type: remote

Family: Tenable.ot

Published: 4/6/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2022-1019

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:automatedlogic:webctrl_server

Required KB Items: Tenable.ot/AutomatedLogicCorporation

Exploit Ease: No known exploits are available

Patch Publication Date: 4/19/2022

Vulnerability Publication Date: 4/19/2022

Reference Information

CVE: CVE-2022-1019

CWE: 601

ICSA: 22-109-02