CVE-2024-37998

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). The password of administrative accounts of the affected applications can be reset without requiring the knowledge of the current password, given the auto login is enabled. This could allow an unauthorized attacker to obtain administrative access of the affected applications.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-071402.html

Configurations

No configuration.

History

24 Jul 2024, 12:55

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en CPCI85 Central Processing/Communication/ (todas las versiones < V5.40), SICORE Base system (todas las versiones < V1.4.0). La contraseña de las cuentas administrativas de las aplicaciones afectadas se puede restablecer sin necesidad de conocer la contraseña actual, siempre que el inicio de sesión automático esté habilitado. Esto podría permitir que un atacante no autorizado obtenga acceso administrativo a las aplicaciones afectadas.

22 Jul 2024, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-22 14:15

Updated : 2024-07-24 12:55

NVD link : CVE-2024-37998

Mitre link : CVE-2024-37998

CVE.ORG link : CVE-2024-37998

JSON object : View

Products Affected

No product.

CWE

CWE-620

Unverified Password Change

{"id": "CVE-2024-37998", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 9.3, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-07-22T14:15:05.453", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-071402.html", "source": "productcert@siemens.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-620"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). The password of administrative accounts of the affected applications can be reset without requiring the knowledge of the current password, given the auto login is enabled. This could allow an unauthorized attacker to obtain administrative access of the affected applications."}, {"lang": "es", "value": " Se ha identificado una vulnerabilidad en CPCI85 Central Processing/Communication/ (todas las versiones < V5.40), SICORE Base system (todas las versiones < V1.4.0). La contrase\u00f1a de las cuentas administrativas de las aplicaciones afectadas se puede restablecer sin necesidad de conocer la contrase\u00f1a actual, siempre que el inicio de sesi\u00f3n autom\u00e1tico est\u00e9 habilitado. Esto podr\u00eda permitir que un atacante no autorizado obtenga acceso administrativo a las aplicaciones afectadas."}], "lastModified": "2024-07-24T12:55:13.223", "sourceIdentifier": "productcert@siemens.com"}