cvelistv5 - cve-2019-6584

CVE-2019-6584 (GCVE-0-2019-6584)

Vulnerability from cvelistv5

Published

2019-06-12 13:47

Modified

2024-08-04 20:23

Severity ?

CWE

CWE-384 - Session Fixation

Summary

A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). The integrated webserver does not invalidate the Session ID upon user logout. An attacker that successfully extracted a valid Session ID is able to use it even after the user logs out. The security vulnerability could be exploited by an attacker in a privileged network position who is able to read the communication between the affected device and the user or by an attacker who is able to obtain valid Session IDs through other means. The user must invoke a session to the affected device. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

URL

Tags

https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf

x_refsource_MISC

Impacted products

Vendor

Product

Version

Siemens AG

SIEMENS LOGO!8

Version: 6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx

Siemens AG

SIEMENS LOGO!8

Version: 6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.246Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIEMENS LOGO!8",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx"
            }
          ]
        },
        {
          "product": "SIEMENS LOGO!8",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "6ED1052-xyy08-0BA0 FS:01 / Firmware version \u003c V1.82.02"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version \u003c V1.82.02). The integrated webserver does not invalidate the Session ID upon user logout. An attacker that successfully extracted a valid Session ID is able to use it even after the user logs out. The security vulnerability could be exploited by an attacker in a privileged network position who is able to read the communication between the affected device and the user or by an attacker who is able to obtain valid Session IDs through other means. The user must invoke a session to the affected device. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384: Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-12T13:47:57.000Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6584",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIEMENS LOGO!8",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIEMENS LOGO!8",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6ED1052-xyy08-0BA0 FS:01 / Firmware version \u003c V1.82.02"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version \u003c V1.82.02). The integrated webserver does not invalidate the Session ID upon user logout. An attacker that successfully extracted a valid Session ID is able to use it even after the user logs out. The security vulnerability could be exploited by an attacker in a privileged network position who is able to read the communication between the affected device and the user or by an attacker who is able to obtain valid Session IDs through other means. The user must invoke a session to the affected device. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-384: Session Fixation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6584",
    "datePublished": "2019-06-12T13:47:57.000Z",
    "dateReserved": "2019-01-22T00:00:00.000Z",
    "dateUpdated": "2024-08-04T20:23:22.246Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2019-AVI-256

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC Ident MV420
Siemens	N/A	SIEMENS LOGO!8 versions antérieures à V1.82.02
Siemens	N/A	SCALANCE X-200IRT
Siemens	N/A	SCALANCE X-200 versions antérieures à V5.2.4
Siemens	N/A	SCALANCE X-200RNA versions antérieures à V3.2.6
Siemens	N/A	SIMATIC Ident MV440
Siemens	N/A	SCALANCE X-300
Siemens	N/A	Siveillance VMS 2018 R2 versions antérieures à V12.2a
Siemens	N/A	Siveillance VMS 2018 R1 versions antérieures à V12.1a
Siemens	N/A	Siveillance VMS 2019 R1 versions antérieures à V13.1a
Siemens	N/A	Siveillance VMS 2017 R2 versions antérieures à V11.2a
Siemens	N/A	SCALANCE X-414-3E
Siemens	N/A	Siveillance VMS 2018 R3 versions antérieures à V12.3a

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-774850 du 11 juin 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-816980 du 11 juin 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-646841 du 11 juin 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-181018 du 11 juin 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-212009 du 11 juin 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC Ident MV420",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIEMENS LOGO!8 versions ant\u00e9rieures \u00e0 V1.82.02",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE X-200IRT",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE X-200 versions ant\u00e9rieures \u00e0 V5.2.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE X-200RNA versions ant\u00e9rieures \u00e0 V3.2.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Ident MV440",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE X-300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance VMS 2018 R2 versions ant\u00e9rieures \u00e0 V12.2a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance VMS 2018 R1 versions ant\u00e9rieures \u00e0 V12.1a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance VMS 2019 R1 versions ant\u00e9rieures \u00e0 V13.1a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance VMS 2017 R2 versions ant\u00e9rieures \u00e0 V11.2a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE X-414-3E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance VMS 2018 R3 versions ant\u00e9rieures \u00e0 V12.3a",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-6584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6584"
    },
    {
      "name": "CVE-2019-6567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6567"
    },
    {
      "name": "CVE-2019-6580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6580"
    },
    {
      "name": "CVE-2018-4833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4833"
    },
    {
      "name": "CVE-2019-10926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10926"
    },
    {
      "name": "CVE-2019-6571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6571"
    },
    {
      "name": "CVE-2019-10925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10925"
    },
    {
      "name": "CVE-2019-6581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6581"
    },
    {
      "name": "CVE-2019-6582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6582"
    }
  ],
  "initial_release_date": "2019-06-11T00:00:00",
  "last_revision_date": "2019-06-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-256",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-06-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-774850 du 11 juin 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-774850.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-816980 du 11 juin 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-646841 du 11 juin 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-646841.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-181018 du 11 juin 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-181018.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-212009 du 11 juin 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-212009.pdf"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-6584 (GCVE-0-2019-6584)

Vulnerability from cvelistv5

CERTFR-2019-AVI-256

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature