SB2024041515 - Multiple vulnerabilities in Siemens RUGGEDCOM APE1808

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024041515

SB2024041515 - Multiple vulnerabilities in Siemens RUGGEDCOM APE1808

Published: April 15, 2024

Security Bulletin ID SB2024041515
Severity
Medium
Patch available
NO
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 17% Low 83%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Insufficient Control of Network Message Volume (CVE-ID: CVE-2022-0028)

The vulnerability allows a remote attacker to perform DoS attack.

The vulnerability exists due to a misconfiguration of the PAN-OS URL filtering policy. A remote attacker can conduct reflected and amplified TCP denial-of-service (RDoS) attacks against other other system using the affected device as the source of the attack.

Successful exploitation of the vulnerability requires that the firewall configuration has a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface.


2) Cleartext storage of sensitive information (CVE-ID: CVE-2023-0005)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to missing encryption of sensitive information. A local administrator can obtain plaintext values of secrets stored in the device configuration and encrypted API keys.


3) Race condition (CVE-ID: CVE-2023-0008)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to a race condition. A remote administrator with access to the web interface can  export local files from the firewall.


4) DOM-based cross-site scripting (CVE-ID: CVE-2023-6790)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


5) Unprotected storage of credentials (CVE-ID: CVE-2023-6791)

The vulnerability allows a remote user to gain access to other users' credentials.

The vulnerability exists due to application stores external system integration credentials in plain text. A remote read-only administrator can obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.


6) Externally Controlled Reference to a Resource in Another Sphere (CVE-ID: CVE-2023-38046)

The vulnerability allows a remote user to compromise the target system.

The vulnerability exists due to externally controlled reference to a resource in another sphere. A remote administrator can read local files and resources from the system.


Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References