Lucene search

[email protected]NVD:CVE-2023-42796

HistoryOct 10, 2023 - 11:15 a.m.

CVE-2023-42796

2023-10-1011:15:12

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

cp-8031

cp-8051

directory traversal

privilege escalation

web server

user input

authenticated remote attacker

session ids

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11). The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint.

This could allow an authenticated remote attacker to traverse directories on the system and download arbitrary files. By exploring active session IDs, the vulnerability could potentially be leveraged to escalate privileges to the administrator role.

Affected configurations

NVD

Node

siemenscp-8050_firmwareRange<05.11cpci85

AND

siemenscp-8050Match-

Node

siemenscp-8031_firmwareRange<05.11cpci85

AND

siemenscp-8031Match-

References

cert-portal.siemens.com/productcert/pdf/ssa-770890.pdf

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.3%

JSON

Related for NVD:CVE-2023-42796

cvelist1 cve1 prion1 ics1 nessus1 cnvd1