Detections
Analytics

Inductive Automation Ignition Multiple Vulnerabilities

medium Nessus Plugin ID 83952

Language:

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Inductive Automation Ignition listening on the remote host is affected by multiple vulnerabilities :

 - A cross-site scripting vulnerability exists in Java Web Start when adding any symbols to web requests for starting Java applets. A remote attacker can exploit this to inject malicious input and include JNLP files.
 (CVE-2015-0976)

 - An information disclosure vulnerability exists due to error messages generated by unhandled exceptions.
 (CVE-2015-0991)

 - OPC server credentials may be insecurely stored in plain text. (CVE-2015-0992)

 - Sessions are not properly terminated by the web interface after logout, allowing a remote attacker to reuse the session to gain unauthorized access.
 (CVE-2015-0993)

 - Resetting the session ID parameter using an HTTP request allows an attacker to bypass prevention mechanisms for brute force login attacks. (CVE-2015-0994)

 - A weak hashing algorithm (MD5) is used for storing password information in the authentication database, thus allowing easier brute-force attacks to gain access. (CVE-2015-0995)

Solution

Upgrade to Ignition 7.5.14 / 7.7.4.

See Also

http://www.nessus.org/u?ce62874d

Plugin Details

Severity: Medium

ID: 83952

File Name: scada_inductive_automation_ignition_ICSA-15-090-01.nbin

Version: 1.119

Type: remote

Family: SCADA

Published: 6/2/2015

Updated: 10/10/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2015-0993

Vulnerability Information

CPE: cpe:/a:inductiveautomation:ignition

Required KB Items: installed_sw/Inductive Automation Ignition

Exploit Ease: No known exploits are available

Patch Publication Date: 3/31/2015

Vulnerability Publication Date: 12/30/2008

Reference Information

CVE: CVE-2015-0976, CVE-2015-0991, CVE-2015-0992, CVE-2015-0993, CVE-2015-0994, CVE-2015-0995

BID: 73468, 73469, 73471, 73473, 73474, 73475

CERT: 836068

ICSA: 15-090-01