Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_WAGO_CVE-2019-5149.NASLHistoryFeb 14, 2023 - 12:00 a.m.
Wago PFC100/200 Web-Based Management FastCGI configuration insufficient resource pool denial of service (CVE-2019-5149)
2023-02-1400:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
wago pfc100
wago pfc200
fastcgi
denial of service
cve-2019-5149
insufficient resource pool
EPSS
0.001
Percentile
45.3%
The WBM web application on firmwares prior to 03.02.02 and 03.01.07 on the WAGO PFC100 and PFC2000, respectively, runs on a lighttpd web server and makes use of the FastCGI module, which is intended to provide high performance for all Internet applications without the penalties of Web server APIs. However, the default configuration of this module appears to limit the number of concurrent php-cgi processes to two, which can be abused to cause a denial of service of the entire web server. This affects WAGO PFC200 Firmware version 03.00.39(12) and version 03.01.07(13), and WAGO PFC100 Firmware version 03.00.39(12) and version 03.02.02(14).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(500802);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/22");
script_cve_id("CVE-2019-5149");
script_name(english:"Wago PFC100/200 Web-Based Management FastCGI configuration insufficient resource pool denial of service (CVE-2019-5149)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The WBM web application on firmwares prior to 03.02.02 and 03.01.07 on
the WAGO PFC100 and PFC2000, respectively, runs on a lighttpd web
server and makes use of the FastCGI module, which is intended to
provide high performance for all Internet applications without the
penalties of Web server APIs. However, the default configuration of
this module appears to limit the number of concurrent php-cgi
processes to two, which can be abused to cause a denial of service of
the entire web server. This affects WAGO PFC200 Firmware version
03.00.39(12) and version 03.01.07(13), and WAGO PFC100 Firmware
version 03.00.39(12) and version 03.02.02(14).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0939");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5149");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(400);
script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/11");
script_set_attribute(attribute:"patch_publication_date", value:"2020/03/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/14");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:pfc100_firmware:03.00.39%2812%29");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:pfc100_firmware:03.01.07%2813%29");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:pfc200_firmware:03.00.39%2812%29");
script_set_attribute(attribute:"cpe", value:"cpe:/o:wago:pfc200_firmware:03.01.07%2813%29");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Wago");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Wago');
var asset = tenable_ot::assets::get(vendor:'Wago');
var vuln_cpes = {
"cpe:/o:wago:pfc200_firmware:03.00.39%2812%29" :
{"versionEndIncluding" : "03.00.39%2812%29", "versionStartIncluding" : "03.00.39%2812%29", "family" : "ControllerPFC200"},
"cpe:/o:wago:pfc200_firmware:03.01.07%2813%29" :
{"versionEndIncluding" : "03.01.07%2813%29", "versionStartIncluding" : "03.01.07%2813%29", "family" : "ControllerPFC200"},
"cpe:/o:wago:pfc100_firmware:03.00.39%2812%29" :
{"versionEndIncluding" : "03.00.39%2812%29", "versionStartIncluding" : "03.00.39%2812%29", "family" : "ControllerPFC100"},
"cpe:/o:wago:pfc100_firmware:03.01.07%2813%29" :
{"versionEndIncluding" : "03.01.07%2813%29", "versionStartIncluding" : "03.01.07%2813%29", "family" : "ControllerPFC100"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
Related
prion
prion
Default configuration
2020-03-11 22:27:00
cvelist
cvelist
CVE-2019-5149
2020-03-10 21:59:28
nvd
nvd
CVE-2019-5149
2020-03-11 22:27:40
talos
talos
cve
cve
CVE-2019-5149
2020-03-11 22:27:40