Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SEL_CVE-2023-31161.NASLHistoryJun 05, 2023 - 12:00 a.m.
Schweitzer Engineering Laboratories RTAC Improper Input Validation (CVE-2023-31161)
2023-06-0500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
schweitzer engineering laboratories
rtac
web interface
authentication
vulnerability
tenable.ot
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.0%
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501178);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/24");
script_cve_id("CVE-2023-31161");
script_name(english:"Schweitzer Engineering Laboratories RTAC Improper Input Validation (CVE-2023-31161)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"An Improper Input Validation vulnerability in the Schweitzer
Engineering Laboratories Real-Time Automation Controller (SEL RTAC)
Web Interface could allow an authenticated remote attacker to use
internal resources, allowing a variety of potential effects. See SEL
Service Bulletin dated 2022-11-15 for more details.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://selinc.com/support/security-notifications/external-reports/");
script_set_attribute(attribute:"see_also", value:"https://www.nozominetworks.com/blog/");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-31161");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(20);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/05/10");
script_set_attribute(attribute:"patch_publication_date", value:"2023/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/06/05");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:selinc:sel-3350_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:selinc:sel-3532_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:selinc:sel-3555_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:selinc:sel-3560e_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:selinc:sel-3560s_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/SEL");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/SEL');
var asset = tenable_ot::assets::get(vendor:'SEL');
var vuln_cpes = {
"cpe:/o:selinc:sel-3350_firmware" :
{"versionEndExcluding" : "r150-v2", "versionStartIncluding" : "r148-v0", "family" : "Rtac"},
"cpe:/o:selinc:sel-3532_firmware" :
{"versionEndExcluding" : "r150-v2", "versionStartIncluding" : "r143-v0", "family" : "Rtac"},
"cpe:/o:selinc:sel-3555_firmware" :
{"versionEndExcluding" : "r150-v2", "versionStartIncluding" : "r143-v0", "family" : "Rtac"},
"cpe:/o:selinc:sel-3560e_firmware" :
{"versionEndExcluding" : "r150-v2", "versionStartIncluding" : "r144-v2", "family" : "Rtac"},
"cpe:/o:selinc:sel-3560s_firmware" :
{"versionEndExcluding" : "r150-v2", "versionStartIncluding" : "r144-v2", "family" : "Rtac"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| selinc | sel-3350_firmware | cpe:/o:selinc:sel-3350_firmware | |
| selinc | sel-3532_firmware | cpe:/o:selinc:sel-3532_firmware | |
| selinc | sel-3555_firmware | cpe:/o:selinc:sel-3555_firmware | |
| selinc | sel-3560e_firmware | cpe:/o:selinc:sel-3560e_firmware | |
| selinc | sel-3560s_firmware | cpe:/o:selinc:sel-3560s_firmware |
Related
cve
cve
CVE-2023-31161
2023-05-10 20:15:11
prion
prion
Input validation
2023-05-10 20:15:00
nvd
nvd
CVE-2023-31161
2023-05-10 20:15:11
cvelist
cvelist
CVE-2023-31161 Improper Input Validation in Web Interface
2023-05-10 19:24:03
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.0%
Related for TENABLE_OT_SEL_CVE-2023-31161.NASL