Tridium Niagara 4, AX, and Enterprise Security vulnerability (CVE-2018-18985
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
NVD | CVE-2018-18985 | 29 Jan 201916:29 | β | nvd |
Prion | Cross site scripting | 29 Jan 201916:29 | β | prion |
CVE | CVE-2018-18985 | 29 Jan 201916:29 | β | cve |
Tenable Nessus | Tridium Niagara Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 10 Aug 202000:00 | β | nessus |
Cvelist | CVE-2018-18985 | 29 Jan 201916:00 | β | cvelist |
ICS | Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4 | 10 Jan 201912:00 | β | ics |
Source | Link |
---|---|
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
securityfocus | www.securityfocus.com/bid/106530 |
ics-cert | www.ics-cert.us-cert.gov/advisories/ICSA-18-333-02 |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(500892);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");
script_cve_id("CVE-2018-18985");
script_name(english:"Tridium Niagara Enterprise Security, Niagara AX, and Niagara 4 Improper Neutralization of Input During Web Page Generation (CVE-2018-18985)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Tridium Niagara Enterprise Security 2.3u1, all versions prior to
2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara
4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all
versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has
been identified that may allow a remote attacker to inject code to
some web pages affecting confidentiality.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/106530");
script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-18-333-02");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Tridium recommends that affected users upgrade to the latest versions of the software (login required).Niagara
Enterprise security 2.3u1 Version 2.3.118.6:https://software.niagara-central.com/ord?portal:/download/6284Niagara AX
3.8u4 Version 3.8.401.1:https://software.niagara-central.com/ord?portal:/download/6276Niagara 4.4u2 Version
4.4.93.40.2:https://software.niagara-central.com/ord?portal:/download/6268Niagara 4.6 Version
4.6.96.28.4:https://software.niagara-central.com/ord?portal:/download/6281For more information please see TridiumΓ’ΒΒs
security bulletin SB 2018-Tridium-2 at:https://www.tridium.com/~/media/tridium/library/documents/collateral/technical%20
bulletins/update%20your%20niagara%20software%20-%20fixes%20cross-site%20scripting%20vulnerability_2018-11.ashx?la=en
NCCIC and Tridium recommend users take defensive measures to minimize the risk of exploitation of this vulnerability.
Specifically, users should:
- Review and validate the list of users who are authorized and who can authenticate to Niagara.
- Allow only trained and trusted persons to have physical access to the system, including devices that have connection
to the system though the Ethernet port.
- If remote connections to the network are required, consider using a VPN or other means to ensure secure remote
connections into the network where the system is located.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-18985");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(79);
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/29");
script_set_attribute(attribute:"patch_publication_date", value:"2019/01/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/21");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tridium:niagara:4");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tridium:niagara:4.4u2");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tridium:niagara_ax_framework");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tridium:niagara_ax_framework:3.8u4");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/assetBag");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/assetBag');
var asset = tenable_ot::assets::get(hasAssetBag:TRUE);
var vuln_cpes = {
"cpe:/a:tridium:niagara:4" :
{"versionEndExcluding" : "4.4.93.40.2", "family" : "Niagara"},
"cpe:/a:tridium:niagara:4.4u2" :
{"versionEndIncluding" : "4.4u2", "versionStartIncluding" : "4.4u2", "family" : "Niagara"},
"cpe:/a:tridium:niagara:4.6" :
{"versionEndExcluding" : "4.6.96.28.4", "versionStartIncluding" : "4.6", "family" : "Niagara"},
"cpe:/a:tridium:niagara_ax_framework:3.8u4" :
{"versionEndIncluding" : "3.8u4", "versionStartIncluding" : "3.8u4", "family" : "Niagara"},
"cpe:/a:tridium:niagara_ax_framework" :
{"versionEndExcluding" : "3.8.401.1", "family" : "Niagara"},
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_NOTE);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo