CVE-2024-47563

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files. This could allow an unauthenticated remote attacker to create files in writable directories outside the intended location and thus compromise integrity of files in those writable directories.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/html/ssa-430425.html	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:siemens:sinec_security_monitor:*:*:*:*:*:*:*:*

History

11 Oct 2024, 20:05

Type	Values Removed	Values Added
First Time		Siemens Siemens sinec Security Monitor
CPE		cpe:2.3:a:siemens:sinec_security_monitor::::::::
References	~~() https://cert-portal.siemens.com/productcert/html/ssa-430425.html -~~	() https://cert-portal.siemens.com/productcert/html/ssa-430425.html - Third Party Advisory

10 Oct 2024, 12:56

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad en Siemens SINEC Security Monitor (todas las versiones anteriores a la V4.9.0). La aplicación afectada no valida correctamente la ruta de archivo que se proporciona a un endpoint destinado a crear archivos CSR. Esto podría permitir que un atacante remoto no autenticado cree archivos en directorios editables fuera de la ubicación prevista y, por lo tanto, comprometa la integridad de los archivos en esos directorios editables.

08 Oct 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-08 09:15

Updated : 2024-10-11 20:05

NVD link : CVE-2024-47563

Mitre link : CVE-2024-47563

CVE.ORG link : CVE-2024-47563

JSON object : View

Products Affected

siemens

sinec_security_monitor

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2024-47563", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "productcert@siemens.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 6.9, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "LOW", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-08T09:15:18.403", "references": [{"url": "https://cert-portal.siemens.com/productcert/html/ssa-430425.html", "tags": ["Third Party Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate a file path that is supplied to an endpoint intended to create CSR files.\r\nThis could allow an unauthenticated remote attacker to create files in writable directories outside the intended location and thus compromise integrity of files in those writable directories."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Siemens SINEC Security Monitor (todas las versiones anteriores a la V4.9.0). La aplicaci\u00f3n afectada no valida correctamente la ruta de archivo que se proporciona a un endpoint destinado a crear archivos CSR. Esto podr\u00eda permitir que un atacante remoto no autenticado cree archivos en directorios editables fuera de la ubicaci\u00f3n prevista y, por lo tanto, comprometa la integridad de los archivos en esos directorios editables."}], "lastModified": "2024-10-11T20:05:05.143", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinec_security_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBEABA88-D7CD-47F5-9635-C493A750EFD7", "versionEndExcluding": "4.9.0"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}