Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4 Improper Neutralization of Input During Web Page Generation (CVE-2018-18985)

medium Tenable OT Security Plugin ID 500892

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code to some web pages affecting confidentiality.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Tridium recommends that affected users upgrade to the latest versions of the software (login required).Niagara Enterprise security 2.3u1 Version 2.3.118.6:https://software.niagara-central.com/ord?portal:/download/6284Niagara AX 3.8u4 Version 3.8.401.1:https://software.niagara-central.com/ord?portal:/download/6276Niagara 4.4u2 Version 4.4.93.40.2:https://software.niagara-central.com/ord?portal:/download/6268Niagara 4.6 Version 4.6.96.28.4:https://software.niagara-central.com/ord?portal:/download/6281For more information please see Tridium’s security bulletin SB 2018-Tridium-2 at:https://www.tridium.com/~/media/tridium/library/documents/collateral/technical%20 bulletins/update%20your%20niagara%20software%20-%20fixes%20cross-site%20scripting%20vulnerability_2018-11.ashx?la=en

NCCIC and Tridium recommend users take defensive measures to minimize the risk of exploitation of this vulnerability.
Specifically, users should:

- Review and validate the list of users who are authorized and who can authenticate to Niagara.
- Allow only trained and trusted persons to have physical access to the system, including devices that have connection to the system though the Ethernet port.
- If remote connections to the network are required, consider using a VPN or other means to ensure secure remote connections into the network where the system is located.

See Also

http://www.securityfocus.com/bid/106530

https://ics-cert.us-cert.gov/advisories/ICSA-18-333-02

Plugin Details

Severity: Medium

ID: 500892

Version: 1.9

Type: remote

Family: Tenable.ot

Published: 3/21/2023

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS Score Source: CVE-2018-18985

CVSS v3

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:tridium:niagara:4.4u2, cpe:/a:tridium:niagara_ax_framework, cpe:/a:tridium:niagara:4, cpe:/a:tridium:niagara_ax_framework:3.8u4

Required KB Items: Tenable.ot/assetBag

Exploit Ease: No known exploits are available

Patch Publication Date: 1/29/2019

Vulnerability Publication Date: 1/29/2019

Reference Information

CVE: CVE-2018-18985

CWE: 79

ICSA: 18-333-02