CVE-2021-34582 - OpenCVE

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Phoenixcontact	Fl Mguard 1105 Firmware Fl Mguard 1102 Firmware Fl Mguard 1102 Fl Mguard 1105

Configuration 1 [-]

AND

OR	cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.4.0:::::::*
	cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.4.1:::::::*
	cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.5.0:::::::*

cpe:2.3:h:phoenixcontact:fl_mguard_1102:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.4.0:::::::*
	cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.4.1:::::::*
	cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.5.0:::::::*

cpe:2.3:h:phoenixcontact:fl_mguard_1105:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert.vde.com/en/advisories/VDE-2021-046/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-11-10T00:00:00

Updated: 2021-11-10T11:22:04

Reserved: 2021-06-10T00:00:00

Link: CVE-2021-34582

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-10T12:15:15.227

Modified: 2022-07-28T09:32:58.160

Link: CVE-2021-34582

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "FL MGUARD", "vendor": "PHOENIX CONTACT", "versions": [{"lessThan": "FL MGUARD 1102 (No. 1153079)*", "status": "affected", "version": "1.4.0", "versionType": "custom"}, {"lessThan": "FL MGUARD 1105 (No. 1153078)*", "status": "affected", "version": "1.4.0", "versionType": "custom"}]}], "datePublic": "2021-11-10T00:00:00", "descriptions": [{"lang": "en", "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-10T11:22:04", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"}], "solutions": [{"lang": "en", "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."}], "source": {"advisory": "VDE-2021-046", "discovery": "UNKNOWN"}, "title": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API", "workarounds": [{"lang": "en", "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings > LDAP and Logs > Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "info@cert.vde.com", "DATE_PUBLIC": "2021-11-10T11:00:00.000Z", "ID": "CVE-2021-34582", "STATE": "PUBLIC", "TITLE": "Phoenix Contact: FL MGUARD XSS through web-based management and REST API"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FL MGUARD", "version": {"version_data": [{"version_affected": ">=", "version_name": "FL MGUARD 1102 (No. 1153079)", "version_value": "1.4.0"}, {"version_affected": "<=", "version_name": "FL MGUARD 1102 (No. 1153079)", "version_value": "1.5.0 +1"}, {"version_affected": ">=", "version_name": "FL MGUARD 1105 (No. 1153078)", "version_value": "1.4.0"}, {"version_affected": "<=", "version_name": "FL MGUARD 1105 (No. 1153078)", "version_value": "1.5.0 +1"}]}}]}, "vendor_name": "PHOENIX CONTACT"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)"}]}]}, "references": {"reference_data": [{"name": "https://cert.vde.com/en/advisories/VDE-2021-046/", "refsource": "CONFIRM", "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"}]}, "solution": [{"lang": "en", "value": "PHOENIX CONTACT recomments to upgrade to firmware version 1.5.1 (or any later version)."}], "source": {"advisory": "VDE-2021-046", "discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "If an untrusted user may have exploited the vulnerability, it is recommended to revoke access for that user, and to re-upload the certificates on the Basic settings > LDAP and Logs > Remote logging pages through the REST API (i.e., without viewing these pages in the web-based management)."}]}}}, "cveMetadata": {"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2021-34582", "datePublished": "2021-11-10T00:00:00", "dateReserved": "2021-06-10T00:00:00", "dateUpdated": "2021-11-10T11:22:04", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AA1C71EF-C44F-4661-83AA-B65B704AE0B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1819CD97-D92F-42A0-B8DB-C13D0B8D93B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1102_firmware:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF940FF8-56F3-40CB-B978-78C1F0985E87", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_1102:-:*:*:*:*:*:*:*", "matchCriteriaId": "093DE0FB-96BE-4971-A6A5-6404F02CB6CB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "97534DA1-F536-454B-8ABD-B251A7B4AB9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FE12A61D-73FD-423D-B7E5-C43EE7E4FC71", "vulnerable": true}, {"criteria": "cpe:2.3:o:phoenixcontact:fl_mguard_1105_firmware:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "BD02E727-CC42-4965-BC35-23CF0B63338F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:fl_mguard_1105:-:*:*:*:*:*:*:*", "matchCriteriaId": "E72161DC-0AC0-4603-A0CB-73940B951D66", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file."}, {"lang": "es", "value": "En Phoenix Contact FL MGUARD 1102 y 1105 en Versiones 1.4.0, 1.4.1 y 1.5.0, un usuario con altos privilegios puede inyectar c\u00f3digo HTML (XSS) mediante una administraci\u00f3n basada en web o la API REST con un archivo de certificado manipulado"}], "id": "CVE-2021-34582", "lastModified": "2022-07-28T09:32:58.160", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "info@cert.vde.com", "type": "Secondary"}]}, "published": "2021-11-10T12:15:15.227", "references": [{"source": "info@cert.vde.com", "tags": ["Third Party Advisory"], "url": "https://cert.vde.com/en/advisories/VDE-2021-046/"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "info@cert.vde.com", "type": "Primary"}]}