Sign-up

ID

VAR-201204-0131


CVE

CVE-2012-1807


TITLE

Of multiple Koyo Electronics Industries products Web Server cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-002075

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Koyo ECOM100 Ethernet is an Ethernet module. This module is used for communication between the PLC and the control system. There are several security vulnerabilities in Koyo ECOM100 Ethernet, including: (1) Using an 8-byte password weak authentication mechanism. (2) There is a replay attack. (3) The WEB server does not have any verification mechanism. (4) There is a buffer overflow in the WEB server. (6) The WEB server has a denial of service attack, which can consume a lot of resources. A buffer-overflow vulnerability. 2. A denial-of-service vulnerability. 3. Multiple security-bypass vulnerabilities. 4. A cross site-scripting vulnerability. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, cause denial-of-service conditions, bypass some security restrictions, allow an attacker to steal cookie-based information, or execute script code in the context of the browser of an unsuspecting user; other attacks may also be possible. ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Koyo ECOM100 Ethernet Module Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA47735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 RELEASE DATE: 2012-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/47735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/47735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=47735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. SOLUTION: Filter malicious characters and character sequences in a proxy. Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Reid Wightman via Digital Bond\x92s SCADA Security Scientific Symposium (S4). ORIGINAL ADVISORY: ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.7

sources: NVD: CVE-2012-1807 // JVNDB: JVNDB-2012-002075 // CNVD: CNVD-2012-0371 // BID: 51634 // IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // PACKETSTORM: 108987

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0371

AFFECTED PRODUCTS

vendor:koyomodel:h0-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h0-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecom-fscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h4-ecom-fscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h4-ecomscope:eqversion:*

Trust: 1.0

vendor:koyomodel:h2-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:h4-ecom100scope:eqversion:*

Trust: 1.0

vendor:koyomodel:ecom100 ethernet modulescope:eqversion:0

Trust: 0.9

vendor:koyo industrymodel:h0-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h0-ecom100scope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecom-fscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h2-ecom100scope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecomscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecom-fscope: - version: -

Trust: 0.8

vendor:koyo industrymodel:h4-ecom100scope: - version: -

Trust: 0.8

vendor:koyomodel:h4-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom-fscope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h0-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecom-fscope: - version: -

Trust: 0.6

vendor:koyomodel:h2-ecomscope: - version: -

Trust: 0.6

vendor:koyomodel:h0-ecom100scope: - version: -

Trust: 0.6

vendor:koyomodel:h4-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h4-ecom-fscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h4-ecomscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecom-fscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h2-ecomscope:eqversion:0

Trust: 0.3

vendor:koyomodel:h0-ecom100scope:eqversion:0

Trust: 0.3

vendor:koyomodel:h0-ecomscope:eqversion:0

Trust: 0.3

vendor:h0 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h0 ecom100model: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecom fmodel: - scope:eqversion:*

Trust: 0.2

vendor:h2 ecom100model: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecommodel: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecom fmodel: - scope:eqversion:*

Trust: 0.2

vendor:h4 ecom100model: - scope:eqversion:*

Trust: 0.2

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0371 // BID: 51634 // JVNDB: JVNDB-2012-002075 // NVD: CVE-2012-1807 // CNNVD: CNNVD-201202-026

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2012-1807
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-201202-026
value: MEDIUM

Trust: 0.6

IVD: f2b150f2-2353-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

NVD:
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2012-1807
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IVD: f2b150f2-2353-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2012-002075 // NVD: CVE-2012-1807 // CNNVD: CNNVD-201202-026

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2012-002075 // NVD: CVE-2012-1807

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-026

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 108987 // CNNVD: CNNVD-201202-026

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2012-1807

PATCH
title:Top Pageurl:http://www.koyoele.co.jp/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-002075

EXTERNAL IDS
db:NVDid:CVE-2012-1807
Trust: 2.9
db:ICS CERTid:ICSA-12-102-02
Trust: 2.7
db:BIDid:51634
Trust: 1.5
db:ICS CERT ALERTid:ICS-ALERT-12-020-05
Trust: 1.0
db:CNNVDid:CNNVD-201202-026
Trust: 0.8
db:JVNDBid:JVNDB-2012-002075
Trust: 0.8
db:CNVDid:CNVD-2012-0371
Trust: 0.6
db:ICS CERT ALERTid:ICS-ALERT-12-020-05A
Trust: 0.3
db:IVDid:F2B150F2-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:SECUNIAid:47735
Trust: 0.2
db:PACKETSTORMid:108987
Trust: 0.1
sources:
            
            
            IVD: f2b150f2-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2012-0371 // 
            
            
            
            BID: 51634 // 
            
            
            
            JVNDB: JVNDB-2012-002075 // 
            
            
            
            PACKETSTORM: 108987 // 
            
            
            
            NVD: CVE-2012-1807 // 
            
            
            
            CNNVD: CNNVD-201202-026

REFERENCES
url:http://www.us-cert.gov/control_systems/pdf/icsa-12-102-02.pdf
Trust: 2.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1807
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1807
Trust: 0.8
url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05.pdfhttp
Trust: 0.6
url:http://www.securityfocus.com/bid/51634
Trust: 0.6
url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05.pdf
Trust: 0.4
url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-020-05a.pdf
Trust: 0.3
url:http://www.koyoele.co.jp/english/index.html
Trust: 0.3
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=47735
Trust: 0.1
url:http://secunia.com/advisories/47735/#comments
Trust: 0.1
url:http://secunia.com/company/jobs/
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/47735/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2012-0371 // 
            
            
            
            BID: 51634 // 
            
            
            
            JVNDB: JVNDB-2012-002075 // 
            
            
            
            PACKETSTORM: 108987 // 
            
            
            
            NVD: CVE-2012-1807 // 
            
            
            
            CNNVD: CNNVD-201202-026

CREDITS
Reid Wightman
Trust: 0.9
sources:
            
            
            BID: 51634 // 
            
            
            
            CNNVD: CNNVD-201202-026

SOURCES
db:IVDid:f2b150f2-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-0371
db:BIDid:51634
db:JVNDBid:JVNDB-2012-002075
db:PACKETSTORMid:108987
db:NVDid:CVE-2012-1807
db:CNNVDid:CNNVD-201202-026

LAST UPDATE DATE
2023-12-18T12:22:02.990000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-0371date:2012-02-03T00:00:00
db:BIDid:51634date:2012-04-11T22:40:00
db:JVNDBid:JVNDB-2012-002075date:2012-04-17T00:00:00
db:NVDid:CVE-2012-1807date:2012-04-16T13:53:40.070
db:CNNVDid:CNNVD-201202-026date:2012-04-17T00:00:00

SOURCES RELEASE DATE
db:IVDid:f2b150f2-2353-11e6-abef-000c29c66e3ddate:1900-01-01T00:00:00
db:CNVDid:CNVD-2012-0371date:2012-02-03T00:00:00
db:BIDid:51634date:2012-01-23T00:00:00
db:JVNDBid:JVNDB-2012-002075date:2012-04-17T00:00:00
db:PACKETSTORMid:108987date:2012-01-23T08:11:35
db:NVDid:CVE-2012-1807date:2012-04-13T17:55:01.213
db:CNNVDid:CNNVD-201202-026date:1900-01-01T00:00:00