Details of VAR-201903-0179

ID

VAR-201903-0179

CVE

CVE-2019-6528

TITLE

plural PSI GridConnect GmbH Input validation vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2019-002345

DESCRIPTION

PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway XS-MU Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Telecontrol Gateway VM Versions 4.2.21, 5.0.27, 5.1.19, 6.0.16 and prior, and Smart Telecontrol Unit TCG Versions 5.0.27, 5.1.19, 6.0.16 and prior, and IEC104 Security Proxy Version 2.2.10 and prior The web application browser interprets input as active HTML, JavaScript, or VBScript, which could allow an attacker to execute arbitrary code. Multiple PSI GridConnect GmbH Products are prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. A remote attacker could exploit this vulnerability to execute arbitrary scripts

Trust: 1.98

sources: NVD: CVE-2019-6528 // JVNDB: JVNDB-2019-002345 // BID: 107201 // VULHUB: VHN-157963

IOT TAXONOMY

category:

['network device']

sub_category:

gateway

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:	psigridconnect	model:	smart telecontrol unit tcg	scope:	lt	version:	6.0.16	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway vm	scope:	gte	version:	5.1.21	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway 3g	scope:	lt	version:	5.1.20	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway 3g	scope:	gte	version:	5.1.21	Trust: 1.0
vendor:	psigridconnect	model:	smart telecontrol unit tcg	scope:	gte	version:	5.1.21	Trust: 1.0
vendor:	psigridconnect	model:	iec104 security proxy	scope:	lte	version:	2.2.10	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway vm	scope:	lt	version:	5.1.20	Trust: 1.0
vendor:	psigridconnect	model:	smart telecontrol unit tcg	scope:	lt	version:	5.1.20	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway xs-mu	scope:	lte	version:	6.0.16	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway xs-mu	scope:	lt	version:	5.1.20	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway 3g	scope:	lt	version:	6.0.16	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway xs-mu	scope:	gte	version:	5.1.21	Trust: 1.0
vendor:	psigridconnect	model:	telecontrol gateway vm	scope:	lte	version:	6.0.16	Trust: 1.0
vendor:	psi gridconnect	model:	iec104 security proxy	scope:	lte	version:	2.2.10	Trust: 0.8
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	lte	version:	5.0.27	Trust: 0.8
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	lte	version:	5.1.19	Trust: 0.8
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	lte	version:	6.0.16	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	lte	version:	4.2.21	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	lte	version:	5.0.27	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	lte	version:	5.1.19	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	lte	version:	6.0.16	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	lte	version:	4.2.21	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	lte	version:	5.0.27	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	lte	version:	5.1.19	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	lte	version:	6.0.16	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	lte	version:	4.2.21	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	lte	version:	5.0.27	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	lte	version:	5.1.19	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	lte	version:	6.0.16	Trust: 0.8
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	eq	version:	5.1.19	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	eq	version:	5.0.27	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	eq	version:	4.2.21	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	eq	version:	6.0.16	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	eq	version:	5.1.19	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	eq	version:	5.0.27	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	eq	version:	4.2.21	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	eq	version:	6.0.16	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	eq	version:	5.1.19	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	eq	version:	5.0.27	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	eq	version:	4.2.21	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	eq	version:	0	Trust: 0.3
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	eq	version:	6.0.16	Trust: 0.3
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	eq	version:	5.1.19	Trust: 0.3
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	eq	version:	5.0.27	Trust: 0.3
vendor:	psi gridconnect	model:	iec104 security proxy	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	ne	version:	6.0.17	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway xs-mu	scope:	ne	version:	5.1.20	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	ne	version:	6.0.17	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway vm	scope:	ne	version:	5.1.20	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	ne	version:	6.0.17	Trust: 0.3
vendor:	psi gridconnect	model:	telecontrol gateway 3g	scope:	ne	version:	5.1.20	Trust: 0.3
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	ne	version:	6.0.17	Trust: 0.3
vendor:	psi gridconnect	model:	smart telecontrol unit tcg	scope:	ne	version:	5.1.20	Trust: 0.3
vendor:	psi gridconnect	model:	iec104 security proxy	scope:	ne	version:	2.2.11	Trust: 0.3

sources: BID: 107201 // JVNDB: JVNDB-2019-002345 // NVD: CVE-2019-6528

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-6528
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-6528
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201902-1008
value:	HIGH
Trust: 0.6
VULHUB:	VHN-157963
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-6528
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-157963
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-6528
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-6528
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-157963 // JVNDB: JVNDB-2019-002345 // CNNVD: CNNVD-201902-1008 // NVD: CVE-2019-6528

PROBLEMTYPE DATA

problemtype:	CWE-79	Trust: 1.1
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-157963 // JVNDB: JVNDB-2019-002345 // NVD: CVE-2019-6528

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-1008

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201902-1008

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002345

PATCH

title:	Top Page	url:	https://www.psigridconnect.com	Trust: 0.8
title:	Multiple PSI GridConnect GmbH Fixes for product cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89710	Trust: 0.6

sources: JVNDB: JVNDB-2019-002345 // CNNVD: CNNVD-201902-1008

EXTERNAL IDS

db:	NVD	id:	CVE-2019-6528	Trust: 2.9
db:	ICS CERT	id:	ICSA-19-059-01	Trust: 2.8
db:	BID	id:	107201	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-002345	Trust: 0.8
db:	CNNVD	id:	CNNVD-201902-1008	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.0636	Trust: 0.6
db:	OTHER	id:	NONE	Trust: 0.1
db:	VULHUB	id:	VHN-157963	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-157963 // BID: 107201 // JVNDB: JVNDB-2019-002345 // CNNVD: CNNVD-201902-1008 // NVD: CVE-2019-6528

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-059-01	Trust: 2.8
url:	http://www.securityfocus.com/bid/107201	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6528	Trust: 1.4
url:	https://www.psigridconnect.com/en/home/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6528	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/76302	Trust: 0.6
url:	https://ieeexplore.ieee.org/abstract/document/10769424	Trust: 0.1

sources: OTHER: None // VULHUB: VHN-157963 // BID: 107201 // JVNDB: JVNDB-2019-002345 // CNNVD: CNNVD-201902-1008 // NVD: CVE-2019-6528

CREDITS

M. Can Kurnaz,M. Can Kurnaz reported this vulnerability to NCCIC. NCCIC coordinated with BSI Germany.

Trust: 0.6

sources: CNNVD: CNNVD-201902-1008

SOURCES

db:	OTHER	id:	-
db:	VULHUB	id:	VHN-157963
db:	BID	id:	107201
db:	JVNDB	id:	JVNDB-2019-002345
db:	CNNVD	id:	CNNVD-201902-1008
db:	NVD	id:	CVE-2019-6528

LAST UPDATE DATE

2025-01-30T20:33:19.670000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-157963	date:	2020-10-19T00:00:00
db:	BID	id:	107201	date:	2019-02-28T00:00:00
db:	JVNDB	id:	JVNDB-2019-002345	date:	2019-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201902-1008	date:	2020-10-22T00:00:00
db:	NVD	id:	CVE-2019-6528	date:	2024-11-21T04:46:38.030

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-157963	date:	2019-03-05T00:00:00
db:	BID	id:	107201	date:	2019-02-28T00:00:00
db:	JVNDB	id:	JVNDB-2019-002345	date:	2019-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201902-1008	date:	2019-02-28T00:00:00
db:	NVD	id:	CVE-2019-6528	date:	2019-03-05T20:29:00.407