nessus | This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof. | TENABLE_OT_SIEMENS_CVE-2014-2909.NASL
History: Feb 07, 2022 - 12:00 a.m.

Siemens SIMATIC S7-1200 HTTP Response Splitting (CVE-2014-2909)

2022-02-07 00:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

# Plugin registration block: when the script is loaded with `description` set,
# it only declares its metadata (ID, CVE, scoring, references, dependencies)
# and exits before any of the detection logic below runs.
if (description)
{
  script_id(500140);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/14");

  script_cve_id("CVE-2014-2909");

  script_name(english:"Siemens SIMATIC S7-1200 HTTP Response Splitting (CVE-2014-2909)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows
remote attackers to inject arbitrary HTTP headers via unspecified vectors.  

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892012.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?97bf6f91");
  script_set_attribute(attribute:"see_also", value:"http://ics-cert.us-cert.gov/advisories/ICSA-14-114-02");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-892012.pdf");
  # The solution text carries no fixed version or mitigation of its own; the
  # remediation detail lives in the advisories listed under see_also above.
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  # NOTE(review): the CVSS v2 vector rates the impact as C:N/I:P/A:P, while the
  # CVSS v3 vector below rates it as C:L/I:L/A:N. The two disagree on
  # confidentiality and availability impact; check which one your risk scoring
  # consumes before comparing this finding against others.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2909");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # CWE-94 is the generic code-injection class. CRLF injection and HTTP response
  # splitting are described more precisely by CWE-93 / CWE-113.
  # NOTE(review): presumably inherited from the CVE record - confirm before
  # relying on this field for weakness-based triage or reporting.
  script_cwe_id(94);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  # Three exact firmware versions are declared as CPEs, whereas the description
  # text above speaks of "2.x and 3.x" devices in general.
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7_cpu_1200_firmware:2.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0.2");
  script_end_attributes();

  # Information-gathering category: the code visible in this script sends no
  # HTTP request to the PLC; it evaluates asset data supplied by Tenable.ot.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Depends on the Tenable.ot API integration plugin and requires the
  # "Tenable.ot/Siemens" knowledge-base key, so the check is skipped on scans
  # without Tenable.ot Siemens asset data.
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

# Detection logic: compare the Siemens asset data held by Tenable.ot against a
# table of affected firmware CPEs and report a finding on a match.

# Gate only: the return value is discarded, so this call serves to stop the
# plugin when the "Tenable.ot/Siemens" KB key is absent.
get_kb_item_or_exit('Tenable.ot/Siemens');

# presumably returns the asset record(s) Tenable.ot holds for this vendor;
# the helper is defined in tenable_ot_cve_funcs.inc - verify its return shape there.
var asset = tenable_ot::assets::get(vendor:'Siemens');

# Affected-firmware table, keyed by CPE. In every entry versionStartIncluding
# equals versionEndIncluding, so each entry names a single version (2.0, 3.0,
# 3.0.2) rather than a range, all within the "S71200" family.
# NOTE(review): the plugin description says 2.x and 3.x are affected. Whether
# compare_and_report matches these bounds exactly or by prefix is not visible
# here; if the match is exact, other 2.x / 3.x firmware builds would not be
# reported - confirm against the helper and the vendor advisory before treating
# a clean result as "not affected".
var vuln_cpes = {
    "cpe:/o:siemens:simatic_s7_cpu_1200_firmware:2.0" :
        {"versionEndIncluding" : "2.0", "versionStartIncluding" : "2.0", "family" : "S71200"},
    "cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0" :
        {"versionEndIncluding" : "3.0", "versionStartIncluding" : "3.0", "family" : "S71200"},
    "cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0.2" :
        {"versionEndIncluding" : "3.0.2", "versionStartIncluding" : "3.0.2", "family" : "S71200"}
};

# Reports at SECURITY_WARNING severity. The only inputs visible here are the
# asset data and the version table, so a finding indicates a firmware-version
# match, not a confirmed CRLF injection; the device's web server configuration
# and exposure are not examined in this script.
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
| --- | --- | --- | --- |
| siemens | simatic_s7_cpu_1200_firmware | 2.0 | cpe:/o:siemens:simatic_s7_cpu_1200_firmware:2.0 |
| siemens | simatic_s7_cpu_1200_firmware | 3.0 | cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0 |
| siemens | simatic_s7_cpu_1200_firmware | 3.0.2 | cpe:/o:siemens:simatic_s7_cpu_1200_firmware:3.0.2 |
