Details of VAR-201906-0896

ID

VAR-201906-0896

CVE

CVE-2018-18875

TITLE

Columbia Weather Systems Weather MicroServer Cross-Site Scripting Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-07791 // CNNVD: CNNVD-201903-654

DESCRIPTION

In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a stored Cross-site scripting (XSS) vulnerability allows remote authenticated users to inject arbitrary web script via changestationname.php. Columbia Weather MicroServer Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. ColumbiaWeatherSystemsWeatherMicroServer is a weather monitoring device from Columbia WeatherSystems, USA. A cross-site scripting vulnerability exists in ColumbiaWeatherSystemsWeatherMicroServerMS_2.6.9900 and earlier that caused the program to fail to validate input correctly. A remote attacker can exploit this vulnerability to execute arbitrary web scripts. A directory traversal vulnerability 2. Multiple cross-site scripting vulnerabilities 3. An authentication bypass vulnerability 4. A remote code-injection vulnerability 5. A denial-of-service vulnerability An attacker may leverage these issues to view arbitrary files within the context of the server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information or cause denial-of-service condition. This may aid in further attacks. The vulnerability stems from the lack of correct validation of client data in WEB applications

Trust: 2.52

sources: NVD: CVE-2018-18875 // JVNDB: JVNDB-2018-015656 // CNVD: CNVD-2019-07791 // BID: 107495 // VULHUB: VHN-129478

IOT TAXONOMY

category:

['ICS', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-07791

AFFECTED PRODUCTS

vendor:	columbiaweather	model:	weather microserver	scope:	eq	version:	ms_2.6.9900	Trust: 1.0
vendor:	columbia weather	model:	microserver	scope:	eq	version:	ms_2.6.9900	Trust: 0.8
vendor:	columbia	model:	weather systems columbia weather systems weather microserver <=ms 2.6.9900	scope:	-	version:	-	Trust: 0.6
vendor:	columbia	model:	weather systems weather microserver ms 2.6.9900	scope:	-	version:	-	Trust: 0.3
vendor:	columbia	model:	weather systems weather microserver ms 2.7.9973	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2019-07791 // BID: 107495 // JVNDB: JVNDB-2018-015656 // NVD: CVE-2018-18875

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-18875
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-18875
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2019-07791
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201903-654
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-129478
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2018-18875
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-07791
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-129478
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-18875
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-07791 // VULHUB: VHN-129478 // JVNDB: JVNDB-2018-015656 // CNNVD: CNNVD-201903-654 // NVD: CVE-2018-18875

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-129478 // JVNDB: JVNDB-2018-015656 // NVD: CVE-2018-18875

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-654

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201903-654

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015656

PATCH

title:	Weather MicroServer	url:	https://columbiaweather.com/products/weather-monitoring/microserver/	Trust: 0.8
title:	Patch for Columbia WeatherSystemsWeatherMicroServer Cross-Site Scripting Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/156839	Trust: 0.6
title:	Columbia Weather Systems Weather MicroServer Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90210	Trust: 0.6

sources: CNVD: CNVD-2019-07791 // JVNDB: JVNDB-2018-015656 // CNNVD: CNNVD-201903-654

EXTERNAL IDS

db:	NVD	id:	CVE-2018-18875	Trust: 3.4
db:	ICS CERT	id:	ICSA-19-078-02	Trust: 3.4
db:	BID	id:	107495	Trust: 0.9
db:	JVNDB	id:	JVNDB-2018-015656	Trust: 0.8
db:	CNNVD	id:	CNNVD-201903-654	Trust: 0.7
db:	CNVD	id:	CNVD-2019-07791	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.0903	Trust: 0.6
db:	VULHUB	id:	VHN-129478	Trust: 0.1

sources: CNVD: CNVD-2019-07791 // VULHUB: VHN-129478 // BID: 107495 // JVNDB: JVNDB-2018-015656 // CNNVD: CNNVD-201903-654 // NVD: CVE-2018-18875

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-078-02	Trust: 3.4
url:	https://applied-risk.com/labs/advisories	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-18875	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18875	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/77442	Trust: 0.6
url:	http://www.securityfocus.com/bid/107495	Trust: 0.6
url:	https://columbiaweather.com/	Trust: 0.3
url:	https://columbiaweather.com/products/weather-monitoring/microserver/	Trust: 0.3

sources: CNVD: CNVD-2019-07791 // VULHUB: VHN-129478 // BID: 107495 // JVNDB: JVNDB-2018-015656 // CNNVD: CNNVD-201903-654 // NVD: CVE-2018-18875

CREDITS

John Elder and Tom Westenberg of Applied Risk.,John Elder and Tom Westenberg of Applied Risk reported these vulnerabilities to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201903-654

SOURCES

db:	CNVD	id:	CNVD-2019-07791
db:	VULHUB	id:	VHN-129478
db:	BID	id:	107495
db:	JVNDB	id:	JVNDB-2018-015656
db:	CNNVD	id:	CNNVD-201903-654
db:	NVD	id:	CVE-2018-18875

LAST UPDATE DATE

2024-11-23T21:59:50.956000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-07791	date:	2019-03-22T00:00:00
db:	VULHUB	id:	VHN-129478	date:	2019-06-18T00:00:00
db:	BID	id:	107495	date:	2019-03-19T00:00:00
db:	JVNDB	id:	JVNDB-2018-015656	date:	2019-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201903-654	date:	2019-06-19T00:00:00
db:	NVD	id:	CVE-2018-18875	date:	2024-11-21T03:56:47.960

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-07791	date:	2019-03-22T00:00:00
db:	VULHUB	id:	VHN-129478	date:	2019-06-18T00:00:00
db:	BID	id:	107495	date:	2019-03-19T00:00:00
db:	JVNDB	id:	JVNDB-2018-015656	date:	2019-06-21T00:00:00
db:	CNNVD	id:	CNNVD-201903-654	date:	2019-03-19T00:00:00
db:	NVD	id:	CVE-2018-18875	date:	2019-06-18T15:15:11.313