Sign-up

ID

VAR-200902-0036


CVE

CVE-2009-0472


TITLE

Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge cross-site scripting vulnerability

Trust: 1.6

sources: CERT/CC: VU#882619 // JVNDB: JVNDB-2009-001051

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Contains a cross-site scripting vulnerability. Rockwell Logix Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Uses a web interface to display log files and status information. As a result, there is a possibility that data is forged or a user is directed to an unintended site. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Automation ControlLogix is ​​an industrial automation control system developed by Rockwell. ---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: ControlLogix 1756-ENTB/A Ethernet/IP Bridge Vulnerabilities SECUNIA ADVISORY ID: SA33783 VERIFY ADVISORY: http://secunia.com/advisories/33783/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: >From remote OPERATING SYSTEM: ControlLogix 1756-ENTB/A Ethernet/IP Bridge http://secunia.com/advisories/product/21337/ DESCRIPTION: Some vulnerabilities and a weakness have been reported in ControlLogix 1756-ENTB/A Ethernet/IP Bridge, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose potentially sensitive information. 1) Certain unspecified input passed to the web interface is not properly sanitised before being returned to the user. 2) An unspecified error in the web interface can be exploited to disclose potentially sensitive internal web page information. SOLUTION: A fixed firmware version is scheduled for release July, 2009. Filter malicious characters and character sequences in a proxy. PROVIDED AND/OR DISCOVERED BY: 1) US-CERT credits Daniel Peck of Digital Bond, Inc. 2) Reported by the vendor. ORIGINAL ADVISORY: US-CERT VU#882619: http://www.kb.cert.org/vuls/id/882619 Rockwell Automation: http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.97

sources: NVD: CVE-2009-0472 // CERT/CC: VU#882619 // JVNDB: JVNDB-2009-001051 // BID: 33638 // IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d // VULHUB: VHN-37918 // PACKETSTORM: 74765

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d

AFFECTED PRODUCTS

vendor:rockwellautomationmodel:controllogix 1756-enbt\/a ethernet\/ ip bridgescope:eqversion: -

Trust: 1.6

vendor:rockwell automationmodel: - scope: - version: -

Trust: 0.8

vendor:rockwell automationmodel:logix automation controllogix 1756-enbt/a ethernet/ip bridgescope: - version: -

Trust: 0.8

vendor:rockwellmodel:automation controllogix 1756-enbt/a ethernet/ip bridgescope:eqversion:0

Trust: 0.3

vendor:controllogix 1756 enbt a ethernet ip bridgemodel: - scope:eqversion: -

Trust: 0.2

sources: IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d // CERT/CC: VU#882619 // BID: 33638 // JVNDB: JVNDB-2009-001051 // CNNVD: CNNVD-200902-139 // NVD: CVE-2009-0472

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-0472
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#882619
value: 0.05

Trust: 0.8

NVD: CVE-2009-0472
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200902-139
value: MEDIUM

Trust: 0.6

IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-37918
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2009-0472
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-37918
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d // CERT/CC: VU#882619 // VULHUB: VHN-37918 // JVNDB: JVNDB-2009-001051 // CNNVD: CNNVD-200902-139 // NVD: CVE-2009-0472

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-37918 // JVNDB: JVNDB-2009-001051 // NVD: CVE-2009-0472

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200902-139

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 74765 // CNNVD: CNNVD-200902-139

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-001051

PATCH
title:ControlLogix 1756-ENTB/A Ethernet/IP Bridge - Potential Security Vulnerabilitiesurl:http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729
Trust: 0.8
title:Reference Architectures for Manufacturing from Rockwell Automationurl:http://www.ab.com/networks/architectures.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-001051

EXTERNAL IDS
db:CERT/CCid:VU#882619
Trust: 3.7
db:BIDid:33638
Trust: 2.8
db:NVDid:CVE-2009-0472
Trust: 2.7
db:SECUNIAid:33783
Trust: 2.7
db:VUPENid:ADV-2009-0347
Trust: 2.5
db:CNNVDid:CNNVD-200902-139
Trust: 0.8
db:JVNDBid:JVNDB-2009-001051
Trust: 0.8
db:IVDid:B38CF2FE-23CC-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-37918
Trust: 0.1
db:PACKETSTORMid:74765
Trust: 0.1
sources:
            
            
            IVD: b38cf2fe-23cc-11e6-abef-000c29c66e3d // 
            
            
            
            CERT/CC: VU#882619 // 
            
            
            
            VULHUB: VHN-37918 // 
            
            
            
            BID: 33638 // 
            
            
            
            JVNDB: JVNDB-2009-001051 // 
            
            
            
            PACKETSTORM: 74765 // 
            
            
            
            CNNVD: CNNVD-200902-139 // 
            
            
            
            NVD: CVE-2009-0472

REFERENCES
url:http://www.kb.cert.org/vuls/id/882619
Trust: 2.9
url:http://www.securityfocus.com/bid/33638
Trust: 2.5
url:http://secunia.com/advisories/33783
Trust: 2.5
url:http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729
Trust: 2.1
url:http://www.vupen.com/english/advisories/2009/0347
Trust: 1.9
url:http://rockwellautomation.custhelp.com/app/answers/detail/a_id/57729
Trust: 0.8
url:http://www.ab.com/networks/architectures.html
Trust: 0.8
url:http://en.wikipedia.org/w/index.php?title=cross-site_scripting&oldid=268497783
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0472
Trust: 0.8
url:http://jvn.jp/cert/jvnvu882619/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0472
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2009/0347
Trust: 0.6
url:http://www.rockwellautomation.com/
Trust: 0.3
url:http://secunia.com/advisories/product/21337/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/business_solutions/
Trust: 0.1
url:http://secunia.com/advisories/33783/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#882619 // 
            
            
            
            VULHUB: VHN-37918 // 
            
            
            
            BID: 33638 // 
            
            
            
            JVNDB: JVNDB-2009-001051 // 
            
            
            
            PACKETSTORM: 74765 // 
            
            
            
            CNNVD: CNNVD-200902-139 // 
            
            
            
            NVD: CVE-2009-0472

CREDITS
Daniel Peck of Digital Bond
Trust: 0.9
sources:
            
            
            BID: 33638 // 
            
            
            
            CNNVD: CNNVD-200902-139

SOURCES
db:IVDid:b38cf2fe-23cc-11e6-abef-000c29c66e3d
db:CERT/CCid:VU#882619
db:VULHUBid:VHN-37918
db:BIDid:33638
db:JVNDBid:JVNDB-2009-001051
db:PACKETSTORMid:74765
db:CNNVDid:CNNVD-200902-139
db:NVDid:CVE-2009-0472

LAST UPDATE DATE
2025-04-10T23:00:34.987000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#882619date:2011-05-12T00:00:00
db:VULHUBid:VHN-37918date:2011-03-08T00:00:00
db:BIDid:33638date:2009-02-09T20:18:00
db:JVNDBid:JVNDB-2009-001051date:2009-03-05T00:00:00
db:CNNVDid:CNNVD-200902-139date:2009-02-26T00:00:00
db:NVDid:CVE-2009-0472date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:IVDid:b38cf2fe-23cc-11e6-abef-000c29c66e3ddate:2009-02-06T00:00:00
db:CERT/CCid:VU#882619date:2009-02-05T00:00:00
db:VULHUBid:VHN-37918date:2009-02-06T00:00:00
db:BIDid:33638date:2009-02-05T00:00:00
db:JVNDBid:JVNDB-2009-001051date:2009-03-05T00:00:00
db:PACKETSTORMid:74765date:2009-02-09T08:44:35
db:CNNVDid:CNNVD-200902-139date:2009-02-06T00:00:00
db:NVDid:CVE-2009-0472date:2009-02-06T19:30:00.563