Siemens SCALANCE W1750D Improper Neutralization of Input During Web Page Generation (CVE-2018-7064)

medium Tenable OT Security Plugin ID 501033

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. An attacker could use this vulnerability to trick an IAP administrator into clicking a link which could then take administrative actions on the Instant cluster, or expose the session cookie for an administrative session.
Workaround: Administrators should make sure they log out of the Aruba Instant UI when not actively managing the system, and should use caution clicking links from external sources while logged into the IAP administrative interface. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Siemens recommends users upgrade to Version 8.4.0.1 or later, which can be downloaded from the following link:

https://support.industry.siemens.com/cs/us/en/view/109766816/

Siemens has identified the following specific workarounds and mitigations that users can apply to reduce the risk:

- Restrict access to the web-based management interface to the internal or VPN network.
- Do not browse other websites and do not click on external links while being authenticated to the administrative web interface.
- Apply appropriate strategies for mitigation.

As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for industrial security, and following the recommendations in the product manuals.

Additional information on Industrial Security by Siemens can be found at:

https://www.siemens.com/industrialsecurity

For more information on these vulnerabilities and associated software updates, please see Siemens security advisory SSA-549547 on their website:

https://www.siemens.com/cert/advisories

See Also

http://www.securityfocus.com/bid/108374

https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt

https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-07

Plugin Details

Severity: Medium

ID: 501033

Version: 1.4

Type: remote

Family: Tenable.ot

Published: 4/11/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2018-7064

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:scalance_w1750d_firmware

Required KB Items: Tenable.ot/Siemens

Exploit Ease: No known exploits are available

Patch Publication Date: 5/10/2019

Vulnerability Publication Date: 5/10/2019

Reference Information

CVE: CVE-2018-7064

CWE: 79

ICSA: 19-134-07