CVE-2021-34561

In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://cert.vde.com/en-us/advisories/vde-2021-027	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth.eip_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth.eip:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-08-31 11:15

Updated : 2024-02-28 18:28

NVD link : CVE-2021-34561

Mitre link : CVE-2021-34561

CVE.ORG link : CVE-2021-34561

JSON object : View

Products Affected

pepperl-fuchs

wha-gw-f2d2-0-as-z2-eth.eip_firmware
wha-gw-f2d2-0-as-z2-eth.eip
wha-gw-f2d2-0-as-z2-eth_firmware
wha-gw-f2d2-0-as-z2-eth

CWE

CWE-350

Reliance on Reverse DNS Resolution for a Security-Critical Action

{"id": "CVE-2021-34561", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2021-08-31T11:15:07.467", "references": [{"url": "https://cert.vde.com/en-us/advisories/vde-2021-027", "tags": ["Third Party Advisory"], "source": "info@cert.vde.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-350"}]}], "descriptions": [{"lang": "en", "value": "In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.8 serious issue exists, if the application is not externally accessible or uses IP-based access restrictions. Attackers can use DNS Rebinding to bypass any IP or firewall based access restrictions that may be in place, by proxying through their target's browser."}, {"lang": "es", "value": "En PEPPERL+FUCHS WirelessHART-Gateway versiones anteriores a 3.0.8 incluy\u00e9ndola, se presenta un problema grave, si la aplicaci\u00f3n no es accesible externamente o usa restricciones de acceso basadas en IP. Los atacantes pueden usar DNS Rebinding para omitir cualquier restricci\u00f3n de acceso basada en IP o firewall que pueda presentarse, al hacer proxy mediante el navegador de su objetivo"}], "lastModified": "2022-09-29T15:24:29.143", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D28EDBE-97CB-4253-9BC2-9B97B03B411A", "versionEndIncluding": "3.0.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31ADD5AF-680A-4C79-B219-DAF256FD4D09"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth.eip_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EE619F0-14C8-4670-A1CA-D6B261E63E6F", "versionEndIncluding": "3.0.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:pepperl-fuchs:wha-gw-f2d2-0-as-z2-eth.eip:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6B743365-D2E7-4C47-B98B-CD5AFDC1B540"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}