Vulnerability-Lookup

CVE-2020-7576 (GCVE-0-2020-7576)

Vulnerability from cvelistv5 – Published: 2020-07-14 13:18 – Updated: 2024-08-04 09:33

Summary

A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.

Severity ?

No CVSS data available.

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

siemens

References

URL

GSD-2020-7576

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-7576

Aliases

CVE-2020-7576

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-7576",
    "description": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.",
    "id": "GSD-2020-7576"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-7576"
      ],
      "details": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.",
      "id": "GSD-2020-7576",
      "modified": "2023-12-13T01:21:51.815021Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2020-7576",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Camstar Enterprise Platform",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Opcenter Execution Core",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V8.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Opcenter Execution Core",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V8.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:opcenter_execution_core:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-7576"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2023-02-03T02:28Z",
      "publishedDate": "2020-07-14T14:15Z"
    }
  }
}

CERTFR-2020-AVI-439

Vulnerability from certfr_avis - Published: 2020-07-15 - Updated: 2020-07-15

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	LOGO! 8 BM (incl. variantes SIPLUS) versions antérieures à V1.82.04
Siemens	N/A	SIMATIC S7-300 CPU (incl. variantes ET200CPUs et SIPLUS) versions antérieures à V3.X.17
Siemens	N/A	SIMATIC TDC CP51M1 versions antérieures à V1.1.8
Siemens	N/A	SICAM T versions antérieures à V2.18
Siemens	N/A	Opcenter Execution Process versions antérieures à v3.2
Siemens	N/A	SICAM MMU versions antérieures à V2.05
Siemens	N/A	Camstar Enterprise Platform : une migration vers Opcenter Execution Core 8.2 est requise
Siemens	N/A	SIMATIC IT LMS, Production Suite, Notifier Server for Windows, PCS neo
Siemens	N/A	SICAM SGU
Siemens	N/A	LOGO! 8 BM (incl. variantes SIPLUS) versions antérieures à V1.82.03
Siemens	N/A	Opcenter RD&L versions antérieures à 8.1
Siemens	N/A	SIMATIC WinCC Runtime Advanced
Siemens	N/A	SPPA-T3000 APC UPS avec carte NMC AP9630 ou AP9631
Siemens	N/A	SIMATIC STEP 7 (TIA Portal) v16 versions antérieures à V16 update 2
Siemens	N/A	SPPA-T3000 Application Server et Terminal Server
Siemens	N/A	SIMATIC TDC CPU555 versions antérieures à V1.1.1
Siemens	N/A	Opcenter Execution Discrete versions antérieures à v3.2
Siemens	N/A	Opcenter Execution Core versions antérieures à v8.2
Siemens	N/A	SIMATIC S7-200 SMART CPU versions antérieures à V2.5.1
Siemens	N/A	Opcenter Quality versions antérieures à 11.3
Siemens	N/A	Opcenter Intelligence
Siemens	N/A	LOGO! 8 BM (incl. variantes SIPLUS) versions antérieures à V1.81.04
Siemens	N/A	SIMATIC HMI Basic Panels première et seconde génération, Comfort Panels, Mobile Panels de seconde génération (incl. variantes SIPLUS)
Siemens	N/A	SIMATIC STEP 7 (TIA Portal) v15
Siemens	N/A	SINUMERIK 840D sl versions antérieures à V4.8.6
Siemens	N/A	SIMATIC HMI KTP700F Mobile Arctic
Siemens	N/A	Opcenter Execution Foundation versions antérieures à v3.2
Siemens	N/A	SIMOCODE ES et Soft Starter ES
Siemens	N/A	SINUMERIK 840D sl versions antérieures à V4.94

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-589181 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-631949 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-573753 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-604937 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-508982 du 10 mars 2020, mis à jour le 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-841348 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-364335 du 14 juillet 2020	None	vendor-advisory
Bulletin de sécurité Siemens SSA-305120 du 14 juillet 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.82.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-300 CPU (incl. variantes ET200CPUs et SIPLUS) versions ant\u00e9rieures \u00e0 V3.X.17",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC TDC CP51M1 versions ant\u00e9rieures \u00e0 V1.1.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SICAM T versions ant\u00e9rieures \u00e0 V2.18",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Execution Process versions ant\u00e9rieures \u00e0 v3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SICAM MMU versions ant\u00e9rieures \u00e0 V2.05",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Camstar Enterprise Platform : une migration vers Opcenter Execution Core 8.2 est requise",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IT LMS, Production Suite, Notifier Server for Windows, PCS neo",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SICAM SGU",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.82.03",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter RD\u0026L versions ant\u00e9rieures \u00e0 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SPPA-T3000 APC UPS avec carte NMC AP9630 ou AP9631",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 (TIA Portal) v16 versions ant\u00e9rieures \u00e0 V16 update 2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SPPA-T3000 Application Server et Terminal Server",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC TDC CPU555 versions ant\u00e9rieures \u00e0 V1.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Execution Discrete versions ant\u00e9rieures \u00e0 v3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Execution Core versions ant\u00e9rieures \u00e0 v8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC S7-200 SMART CPU versions ant\u00e9rieures \u00e0 V2.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Quality versions ant\u00e9rieures \u00e0 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Intelligence",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.81.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Basic Panels premi\u00e8re et seconde g\u00e9n\u00e9ration, Comfort Panels, Mobile Panels de seconde g\u00e9n\u00e9ration (incl. variantes SIPLUS)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC STEP 7 (TIA Portal) v15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 840D sl versions ant\u00e9rieures \u00e0 V4.8.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP700F Mobile Arctic",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Execution Foundation versions ant\u00e9rieures \u00e0 v3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOCODE ES et Soft Starter ES",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINUMERIK 840D sl versions ant\u00e9rieures \u00e0 V4.94",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7584"
    },
    {
      "name": "CVE-2020-7577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7577"
    },
    {
      "name": "CVE-2020-7587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7587"
    },
    {
      "name": "CVE-2020-7576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7576"
    },
    {
      "name": "CVE-2019-18336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18336"
    },
    {
      "name": "CVE-2020-10042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10042"
    },
    {
      "name": "CVE-2020-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7592"
    },
    {
      "name": "CVE-2020-10043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10043"
    },
    {
      "name": "CVE-2020-10045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10045"
    },
    {
      "name": "CVE-2020-7578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7578"
    },
    {
      "name": "CVE-2020-7588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7588"
    },
    {
      "name": "CVE-2020-10044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10044"
    },
    {
      "name": "CVE-2020-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10041"
    },
    {
      "name": "CVE-2020-7581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7581"
    },
    {
      "name": "CVE-2020-10039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10039"
    },
    {
      "name": "CVE-2020-10038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10038"
    },
    {
      "name": "CVE-2020-10040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10040"
    },
    {
      "name": "CVE-2020-11896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11896"
    },
    {
      "name": "CVE-2020-7593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7593"
    },
    {
      "name": "CVE-2020-10037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10037"
    },
    {
      "name": "CVE-2020-0545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0545"
    }
  ],
  "initial_release_date": "2020-07-15T00:00:00",
  "last_revision_date": "2020-07-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2020-AVI-439",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-589181 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589181.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-631949 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-573753 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-573753.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-604937 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-508982 du 10 mars 2020, mis \u00e0 jour le 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-841348 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-364335 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-305120 du 14 juillet 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf"
    }
  ]
}

FKIE_CVE-2020-7576

Vulnerability from fkie_nvd - Published: 2020-07-14 14:15 - Updated: 2024-11-21 05:37

Severity ?

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf	Vendor Advisory

Impacted products

	Vendor	Product	Version
	siemens	opcenter_execution_core	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:opcenter_execution_core:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D09C829-E81B-474E-92C5-DFAC7BC65FD5",
              "versionEndExcluding": "8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2), Opcenter Execution Core (V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en Camstar Enterprise Platform (Todas las versiones), Opcenter Execution Core (Todas las versiones anteriores a V8.2), Opcenter Execution Core (versi\u00f3n V8.2). Un usuario autenticado con la capacidad de crear contenedores, paquetes o registrar defectos podr\u00eda llevar a cabo ataques de tipo Cross-Site Scripting (XSS) almacenado dentro del software vulnerable. El impacto de este ataque podr\u00eda resultar en el robo de cookies de sesi\u00f3n de usuarios leg\u00edtimos. Si atacante consigue acceso a estas cookies, podr\u00eda secuestrar la sesi\u00f3n y llevar a cabo acciones arbitrarias en nombre de la v\u00edctima"
    }
  ],
  "id": "CVE-2020-7576",
  "lastModified": "2024-11-21T05:37:24.447",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-14T14:15:18.213",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-5778-F7P4-MGRG

Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2023-02-03 03:30

Details

A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions < V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.

Severity ?

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-7576"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-14T14:15:00Z",
    "severity": "LOW"
  },
  "details": "A vulnerability has been identified in Camstar Enterprise Platform (All versions), Opcenter Execution Core (All versions \u003c V8.2). An authenticated user with the ability to create containers, packages or register defects could perform stored Cross-Site Scripting (XSS) attacks within the vulnerable software. The impact of this attack could result in the session cookies of legitimate users being stolen. Should the attacker gain access to these cookies, they could then hijack the session and perform arbitrary actions in the name of the victim.",
  "id": "GHSA-5778-f7p4-mgrg",
  "modified": "2023-02-03T03:30:25Z",
  "published": "2022-05-24T17:22:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7576"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2020-40863

Vulnerability from cnvd - Published: 2020-07-19

Title

Siemens Opcenter Execution Core跨站脚本漏洞

Description

Opcenter Execution Core（以前称为Camstar Enterprise Platform）是一种通用的制造执行系统（MES）。 Siemens Opcenter Execution Core存在跨站脚本漏洞。攻击者可利用漏洞获取合法用户的会话cookie。

Severity

低

Patch Name

Siemens Opcenter Execution Core跨站脚本漏洞的补丁

Patch Description

Opcenter Execution Core（以前称为Camstar Enterprise Platform）是一种通用的制造执行系统（MES）。 Siemens Opcenter Execution Core存在跨站脚本漏洞。攻击者可利用漏洞获取合法用户的会话cookie。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf

Impacted products

Name
['Siemens Opcenter Execution Core < V8.2', 'Siemens Camstar Enterprise Platform']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-7576"
    }
  },
  "description": "Opcenter Execution Core\uff08\u4ee5\u524d\u79f0\u4e3aCamstar Enterprise Platform\uff09\u662f\u4e00\u79cd\u901a\u7528\u7684\u5236\u9020\u6267\u884c\u7cfb\u7edf\uff08MES\uff09\u3002\n\nSiemens Opcenter Execution Core\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u5408\u6cd5\u7528\u6237\u7684\u4f1a\u8bddcookie\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-40863",
  "openTime": "2020-07-19",
  "patchDescription": "Opcenter Execution Core\uff08\u4ee5\u524d\u79f0\u4e3aCamstar Enterprise Platform\uff09\u662f\u4e00\u79cd\u901a\u7528\u7684\u5236\u9020\u6267\u884c\u7cfb\u7edf\uff08MES\uff09\u3002\r\n\r\nSiemens Opcenter Execution Core\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u83b7\u53d6\u5408\u6cd5\u7528\u6237\u7684\u4f1a\u8bddcookie\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens Opcenter Execution Core\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens Opcenter Execution Core \u003c V8.2",
      "Siemens Camstar Enterprise Platform"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf",
  "serverity": "\u4f4e",
  "submitTime": "2020-07-15",
  "title": "Siemens Opcenter Execution Core\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-7576 (GCVE-0-2020-7576)

GSD-2020-7576

CERTFR-2020-AVI-439

Solution

FKIE_CVE-2020-7576

GHSA-5778-F7P4-MGRG

CNVD-2020-40863

Tags

Sightings

Nomenclature