Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_ROCKWELL_CVE-2015-6488.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Rockwell MicroLogix Cross-site Scripting (CVE-2015-6488)

2022-02-0700:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.4%

JSON

Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500043);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/26");

  script_cve_id("CVE-2015-6488");

  script_name(english:"Rockwell MicroLogix Cross-site Scripting (CVE-2015-6488)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000
and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified
vectors.  

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more
information.");
  script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03");
  # https://www.rockwellautomation.com/en-us/support/advisory.PN893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9c377d0e");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-6488");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(79);

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/10/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rockwellautomation:micrologix_1100_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rockwellautomation:micrologix_1400_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Rockwell");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Rockwell');

var asset = tenable_ot::assets::get(vendor:'Rockwell');

var vuln_cpes = {
    "cpe:/o:rockwellautomation:micrologix_1100_firmware" :
        {"versionEndIncluding" : "14.000", "family" : "MicroLogix1100"},
    "cpe:/o:rockwellautomation:micrologix_1400_firmware" :
        {"versionEndIncluding" : "15.002", "family" : "MicroLogix1400"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
rockwellautomationmicrologix_1100_firmwarecpe:/o:rockwellautomation:micrologix_1100_firmware
rockwellautomationmicrologix_1400_firmwarecpe:/o:rockwellautomation:micrologix_1400_firmware

Related

prion 1
nvd 1
ptsecurity 1
nessus 2
cvelist 1
cve 1
ics 1
prion
prion
Cross site scripting
2015-10-28 10:59:00
nvd
nvd
CVE-2015-6488
2015-10-28 10:59:11
ptsecurity
ptsecurity
PT-2015-16: Cross-site scripting in Rockwell Automation Micrologix 1100 and 1400 PLC
2015-03-12 00:00:00
nessus
nessus
Rockwellautomation Micrologix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2019-11-08 00:00:00
MicroLogix 1400 PLC Web Server Multiple Vulnerabilities
2016-05-31 00:00:00
cvelist
cvelist
CVE-2015-6488
2015-10-28 10:00:00
cve
cve
CVE-2015-6488
2015-10-28 10:59:11
ics
ics
Rockwell Automation Micrologix 1100 and 1400 PLC Systems Vulnerabilities (Update A)
2018-08-27 12:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.4%

JSON
Related for TENABLE_OT_ROCKWELL_CVE-2015-6488.NASL
prion1nvd1ptsecurity1nessus2cvelist1cve1ics1