5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.015 Low
EPSS
Percentile
87.0%
ICS-CERT is aware of a public report of multiple vulnerabilities in Cogent’s DataHub application. These vulnerabilities include cross-site scripting and an HTTP header injection vulnerability, also known as a carriage return line feed. According to the report, Cogent Real-Times Systems Inc. has produced a patch that resolves these vulnerabilities.
Kuang-Chun Hung of Security Research and Service Institute - Information and Communication Security Technology Center (ICST), Taiwan R.O.C. reported these vulnerabilities to JPCERT/CC.
According to the report, the following products are affected:
Successful exploitation of these vulnerabilities could result in one or more of the following:
Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation.
Cogent Real-Time Systems Inc. is a Canadian-based company that produces middleware applications that are used to interface with control systems.
According to Cogent, DataHub is deployed across several sectors including manufacturing, building automation, chemical, banking and finance, electric utilities, and others. Cogent estimates these products are used primarily in the United States and Great Britain.
A cross-site scripting vulnerability exists in the Cogent DataHub application because it lacks server-side validation of query string parameter values. Attacks that exploit these vulnerabilities require that a user visit a specially crafted URL, which injects client-side scripts into the server’s HTTP response to the client.
CVE-2012-0309 has been assigned to this vulnerability. A CVSS V2 base score of 4.3 has also been assigned.
An HTTP header injection vulnerability (also known as carriage return line feed) exists in the Cogent DataHub application as the product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
CVE-2012-0310 has been assigned to this vulnerability. A CVSS V2 base score of 4.3 has also been assigned.
This vulnerability is remotely exploitable but may social engineering.
No known exploits specifically target this vulnerability.
An attacker with a low to moderate skill level could exploit these vulnerabilities.
According to the report, Cogent Real-Time Systems In. has produced a patch for these vulnerabilities that can be obtained by accessing the Cogent website located here: <http://www.cogentdatahub.com/Contact_Form.html> and filling out the required information.
ICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.
The Control Systems Security Program (CSSP) also provides a section for control systems security recommended practices on the CSSP web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents. ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to taking defensive measures.
In addition, ICS-CERT recommends that users take the following measures to protect themselves from social engineering attacks:
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0309
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0310
www.cogentdatahub.com/Contact_Form.html
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/intent/tweet?text=Cogent%20DataHub%20XSS%20and%20CRLF+https://www.cisa.gov/news-events/ics-advisories/icsa-12-016-01
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/ics-advisories/icsa-12-016-01&title=Cogent%20DataHub%20XSS%20and%20CRLF
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/ics-advisories/icsa-12-016-01
www.oig.dhs.gov/
www.surveymonkey.com/r/CISA-cyber-survey?product=https://www.cisa.gov/news-events/ics-advisories/icsa-12-016-01
www.usa.gov/
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=Cogent%20DataHub%20XSS%20and%20CRLF&body=www.cisa.gov/news-events/ics-advisories/icsa-12-016-01