Moxa ioLogik E1200 Series Cross-Site Request Forgery (CVE-2023-5961)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501851);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/21");

  script_cve_id("CVE-2023-5961");

  script_name(english:"Moxa ioLogik E1200 Series Cross-Site Request Forgery (CVE-2023-5961)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A Cross-Site Request Forgery (CSRF) vulnerability has been identified
in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker
can exploit this vulnerability to trick a client into making an
unintentional request to the web server, which will be treated as an
authentic request. This vulnerability may lead an attacker to perform
operations on behalf of the victimized user.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?221987d8");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-5961");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(352, 352);

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/12/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/12/28");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:iologik_e1210_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Moxa");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Moxa');

var asset = tenable_ot::assets::get(vendor:'Moxa');

var vuln_cpes = {
    "cpe:/o:moxa:iologik_e1210_firmware" :
        {"versionEndExcluding" : "3.3", "family" : "ioLogik"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);