Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_SIEMENS_CVE-2019-6585.NASL
HistoryMar 27, 2023 - 12:00 a.m.

Siemens SCALANCE S-600 Improper Neutralization of Script-Related HTML Tags in a Web Page (CVE-2019-6585)

2023-03-2700:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
siemens
scalance s-600
cross-site scripting
cve-2019-6585
web server
user interaction
tenable.ot

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.6%

JSON

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1), SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All versions >= V3.0 and < V4.1). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link.
User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(500899);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");

  script_cve_id("CVE-2019-6585");

  script_name(english:"Siemens SCALANCE S-600 Improper Neutralization of Script-Related HTML Tags in a Web Page (CVE-2019-6585)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in SCALANCE S602 (All versions >=
V3.0 and < V4.1), SCALANCE S612 (All versions >= V3.0 and < V4.1),
SCALANCE S623 (All versions >= V3.0 and < V4.1), SCALANCE S627-2M (All
versions >= V3.0 and < V4.1). The integrated configuration web server
of the affected devices could allow Cross-Site Scripting (XSS) attacks
if unsuspecting users are tricked into accessing a malicious link.
User interaction is required for a successful exploitation. The user
must be logged into the web interface in order for the exploitation to
succeed.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-591405.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.us-cert.gov/ics/advisories/icsa-20-042-10");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk:

- For versions v3.0 and higher, Update to v4.1

- Only access links from trusted sources in the browser you use to access the SCALANCE S-600 administration website. 
- For SCALANCE S-600 family (S602, S612, S623, S627-2M): migrate to a successor product within the SCALANCE SC-600
family, v2.1 or later version. For details refer to the notice of discontinuation.

For more information on these vulnerabilities and associated software updates, please see Siemens security advisory
SSA-591405");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-6585");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_cwe_id(80);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/27");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s602_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s612_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s623_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:scalance_s627-2m_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Siemens");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Siemens');

var asset = tenable_ot::assets::get(vendor:'Siemens');

var vuln_cpes = {
    "cpe:/o:siemens:scalance_s602_firmware" :
        {"versionEndExcluding" : "4.1", "versionStartIncluding" : "3.0", "family" : "SCALANCES"},
    "cpe:/o:siemens:scalance_s612_firmware" :
        {"versionEndExcluding" : "4.1", "versionStartIncluding" : "3.0", "family" : "SCALANCES"},
    "cpe:/o:siemens:scalance_s623_firmware" :
        {"versionEndExcluding" : "4.1", "versionStartIncluding" : "3.0", "family" : "SCALANCES"},
    "cpe:/o:siemens:scalance_s627-2m_firmware" :
        {"versionEndExcluding" : "4.1", "versionStartIncluding" : "3.0", "family" : "SCALANCES"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
siemensscalance_s602_firmwarecpe:/o:siemens:scalance_s602_firmware
siemensscalance_s612_firmwarecpe:/o:siemens:scalance_s612_firmware
siemensscalance_s623_firmwarecpe:/o:siemens:scalance_s623_firmware
siemensscalance_s627-2m_firmwarecpe:/o:siemens:scalance_s627-2m_firmware

Related

cve 1
cvelist 1
nvd 1
prion 1
ics 1
cve
cve
CVE-2019-6585
2020-03-10 20:15:20
cvelist
cvelist
CVE-2019-6585
2020-03-10 19:16:17
nvd
nvd
CVE-2019-6585
2020-03-10 20:15:20
prion
prion
Cross site scripting
2020-03-10 20:15:00
ics
ics
Siemens SCALANCE S-600 (Update B)
2021-04-13 12:00:00

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.6%

JSON
Related for TENABLE_OT_SIEMENS_CVE-2019-6585.NASL
cve1cvelist1nvd1prion1ics1