Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2018-11448.NASL
HistoryApr 11, 2023 - 12:00 a.m.

Siemens SCALANCE M875 Cross-site Scripting (CVE-2018-11448)

2023-04-1100:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
siemens scalance m875
cross-site scripting
cve-2018-11448
port 443/tcp
stored xss
web interface
authentication
administrative user
tenable.ot
browser

4.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

16.0%

JSON

A vulnerability has been identified in SCALANCE M875 (All versions).
The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires that the attacker has access to the web interface of an affected device. The attacker must be authenticated as administrative user on the web interface. Afterwards, a legitimate user must access the web interface. A successful attack could allow an attacker to execute malicious code in the browser of a legitimate user. At the time of advisory publication no public exploitation of this security vulnerability was known.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501010);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/20");

  script_cve_id("CVE-2018-11448");

  script_name(english:"Siemens SCALANCE M875 Cross-site Scripting (CVE-2018-11448)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SCALANCE M875 (All versions).
The web interface on port 443/tcp could allow a stored Cross-Site
Scripting (XSS) attack if an unsuspecting user is tricked into
accessing a malicious link. Successful exploitation requires that the
attacker has access to the web interface of an affected device. The
attacker must be authenticated as administrative user on the web
interface. Afterwards, a legitimate user must access the web
interface. A successful attack could allow an attacker to execute
malicious code in the browser of a legitimate user. At the time of
advisory publication no public exploitation of this security
vulnerability was known.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdf");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-11448");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(79);

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/11");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_m875_firmware:-");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:scalance_m875_firmware:-" :
        {"family" : "SCALANCEM"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_NOTE);
VendorProductVersionCPE
siemensscalance_m875_firmware-cpe:/o:siemens:scalance_m875_firmware:-

Related

cvelist 1
nvd 1
prion 1
cve 1
cvelist
cvelist
CVE-2018-11448
2018-06-15 00:00:00
nvd
nvd
CVE-2018-11448
2018-06-26 18:29:00
prion
prion
Cross site scripting
2018-06-26 18:29:00
cve
cve
CVE-2018-11448
2018-06-26 18:29:00

4.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

16.0%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2018-11448.NASL
cvelist1nvd1prion1cve1