Sign-up

ID

VAR-201506-0242


CVE

CVE-2015-4174


TITLE

Siemens Climatix BACnet/IP Communication Module Cross-Site Scripting Vulnerability

Trust: 1.4

sources: IVD: 887784a6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-04151 // CNNVD: CNNVD-201506-584

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. The Siemens Climatix BACnet/IP communication module is a communication module in the BACnet network of Siemens AG. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks

Trust: 2.7

sources: NVD: CVE-2015-4174 // JVNDB: JVNDB-2015-003294 // CNVD: CNVD-2015-04151 // BID: 75427 // IVD: 887784a6-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-82135

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 887784a6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-04151

AFFECTED PRODUCTS

vendor:siemensmodel:climatix bacnet\/ipscope:lteversion:10.33

Trust: 1.0

vendor:siemensmodel:climatix bacnet/ipscope:ltversion:communication module firmware 10.34

Trust: 0.8

vendor:siemensmodel:climatix bacnet/ip communication module withscope:ltversion:10.34

Trust: 0.6

vendor:siemensmodel:climatix bacnet\/ipscope:eqversion:10.33

Trust: 0.6

vendor:siemensmodel:climatix bacnet/ipscope:eqversion:10.33

Trust: 0.3

vendor:siemensmodel:climatix bacnet/ipscope:neversion:10.34

Trust: 0.3

vendor:climatix bacnet ipmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 887784a6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-04151 // BID: 75427 // JVNDB: JVNDB-2015-003294 // CNNVD: CNNVD-201506-584 // NVD: CVE-2015-4174

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-4174
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-4174
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-04151
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201506-584
value: MEDIUM

Trust: 0.6

IVD: 887784a6-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-82135
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-4174
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-04151
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 887784a6-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-82135
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 887784a6-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-04151 // VULHUB: VHN-82135 // JVNDB: JVNDB-2015-003294 // CNNVD: CNNVD-201506-584 // NVD: CVE-2015-4174

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-82135 // JVNDB: JVNDB-2015-003294 // NVD: CVE-2015-4174

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201506-584

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201506-584

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003294

PATCH
title:SSA-14251url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf
Trust: 0.8
title:Patch for Siemens Climatix BACnet/IP Communication Module Cross-Site Scripting Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/60203
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-04151 // 
            
            
            
            JVNDB: JVNDB-2015-003294

EXTERNAL IDS
db:NVDid:CVE-2015-4174
Trust: 3.6
db:ICS CERTid:ICSA-15-176-01
Trust: 3.4
db:SIEMENSid:SSA-142512
Trust: 2.3
db:BIDid:75427
Trust: 1.4
db:PACKETSTORMid:132514
Trust: 1.1
db:CNNVDid:CNNVD-201506-584
Trust: 0.9
db:CNVDid:CNVD-2015-04151
Trust: 0.8
db:JVNDBid:JVNDB-2015-003294
Trust: 0.8
db:IVDid:887784A6-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-82135
Trust: 0.1
sources:
            
            
            IVD: 887784a6-2351-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2015-04151 // 
            
            
            
            VULHUB: VHN-82135 // 
            
            
            
            BID: 75427 // 
            
            
            
            JVNDB: JVNDB-2015-003294 // 
            
            
            
            CNNVD: CNNVD-201506-584 // 
            
            
            
            NVD: CVE-2015-4174

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-176-01
Trust: 3.4
url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf
Trust: 2.3
url:http://www.securityfocus.com/bid/75427
Trust: 1.1
url:http://packetstormsecurity.com/files/132514/climatix-bacnet-ip-communication-module-cross-site-scripting.html
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4174
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4174
Trust: 0.8
url:http://www.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-04151 // 
            
            
            
            VULHUB: VHN-82135 // 
            
            
            
            BID: 75427 // 
            
            
            
            JVNDB: JVNDB-2015-003294 // 
            
            
            
            CNNVD: CNNVD-201506-584 // 
            
            
            
            NVD: CVE-2015-4174

CREDITS
Juan Francisco Bolivar Hernandez
Trust: 0.3
sources:
            
            
            BID: 75427

SOURCES
db:IVDid:887784a6-2351-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2015-04151
db:VULHUBid:VHN-82135
db:BIDid:75427
db:JVNDBid:JVNDB-2015-003294
db:CNNVDid:CNNVD-201506-584
db:NVDid:CVE-2015-4174

LAST UPDATE DATE
2025-04-13T23:04:15.365000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-04151date:2015-07-01T00:00:00
db:VULHUBid:VHN-82135date:2016-12-07T00:00:00
db:BIDid:75427date:2015-06-26T00:00:00
db:JVNDBid:JVNDB-2015-003294date:2015-06-30T00:00:00
db:CNNVDid:CNNVD-201506-584date:2015-06-30T00:00:00
db:NVDid:CVE-2015-4174date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:IVDid:887784a6-2351-11e6-abef-000c29c66e3ddate:2015-07-01T00:00:00
db:CNVDid:CNVD-2015-04151date:2015-07-01T00:00:00
db:VULHUBid:VHN-82135date:2015-06-28T00:00:00
db:BIDid:75427date:2015-06-26T00:00:00
db:JVNDBid:JVNDB-2015-003294date:2015-06-30T00:00:00
db:CNNVDid:CNNVD-201506-584date:2015-06-29T00:00:00
db:NVDid:CVE-2015-4174date:2015-06-28T10:59:02.363