CVE-2019-19393

The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the content is always displayed after and before login. Persistent XSS allows an attacker to modify displayed content or to change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or a hijacked session.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/miguelhamal/CVE-2019-19393	Third Party Advisory
https://www.rittal.us/monitoring-security/cmc-iii.html	Broken Link Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:rittal:cmc_pu_iii_7030.000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:rittal:cmc_pu_iii_7030.000:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-10-01 17:15

Updated : 2023-12-10 13:41

NVD link : CVE-2019-19393

Mitre link : CVE-2019-19393

CVE.ORG link : CVE-2019-19393

JSON object : View

Products Affected

rittal

cmc_pu_iii_7030.000_firmware
cmc_pu_iii_7030.000

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-19393", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2020-10-01T17:15:13.057", "references": [{"url": "https://github.com/miguelhamal/CVE-2019-19393", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.rittal.us/monitoring-security/cmc-iii.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the content is always displayed after and before login. Persistent XSS allows an attacker to modify displayed content or to change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or a hijacked session."}, {"lang": "es", "value": "La aplicaci\u00f3n Web de los dispositivos Rittal CMC PU III 7030.000 versiones V3.00, V3.11.00_2 hasta V3.15.70_4, no sanea la entrada del usuario en la p\u00e1gina system configurations. Esto permite a un atacante hacer una puerta trasera en el dispositivo con HTML y contenido interpretado por el navegador (como JavaScript u otros scripts del lado del cliente) ya que el contenido es siempre mostrado antes y despu\u00e9s del inicio de sesi\u00f3n. Una vulnerabilidad de tipo XSS persistente permite a un atacante modificar el contenido mostrado o cambiar la informaci\u00f3n de la v\u00edctima. Una explotaci\u00f3n con \u00e9xito requiere acceso a la interfaz de administraci\u00f3n web, ya sea con credenciales v\u00e1lidas o una sesi\u00f3n secuestrada"}], "lastModified": "2020-10-13T13:40:50.527", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:rittal:cmc_pu_iii_7030.000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6543A85E-D583-4845-8708-A9014E76D411", "versionEndIncluding": "3.15.70_4", "versionStartIncluding": "3.11.00_2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:rittal:cmc_pu_iii_7030.000:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DC10999-2CB2-4607-9D48-3047B09502BB", "versionEndIncluding": "6.01", "versionStartIncluding": "3.00"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}