Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-7575

A vulnerability has been identified in Climatix POL908 (BACnet/IP module) (All versions), Climatix POL909 (AWM module) (All versions < V11.32). A persistent cross-site scripting (XSS) vulnerability exists in the web server access log page of the affected devices that could allow an attacker to inject arbitrary JavaScript code via specially crafted GET requests. The code could be potentially executed later by another (privileged) user. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise the confidentiality and integrity of other users' web sessions.

Published

2020-04-14T20:15:15.543

Last Modified

2024-11-21T05:37:24.323

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-80
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	siemens	climatix_pol908_firmware	*	Yes
Hardware	siemens	climatix_pol908	-	No
Operating System	siemens	climatix_pol909_firmware	< 11.32	Yes
Hardware	siemens	climatix_pol909	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-886514.pdf Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-886514.pdf Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)