CVE-2023-2625 - OpenCVE

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Abb	Txpert Hub Coretec 4 Firmware Txpert Hub Coretec 4

Configuration 1 [-]

AND

cpe:2.3:o:abb:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:abb:txpert_hub_coretec_4:-:*:*:*:*:*:*:*

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2023-06-28T16:15:46.529Z

Updated: 2023-06-28T16:15:46.529Z

Reserved: 2023-05-10T10:31:57.900Z

Link: CVE-2023-2625

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-06-28T17:15:10.627

Modified: 2023-07-06T16:10:43.413

Link: CVE-2023-2625

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-2625", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2023-05-10T10:31:57.900Z", "datePublished": "2023-06-28T16:15:46.529Z", "dateUpdated": "2023-06-28T16:15:46.529Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TXpert Hub CoreTec 4", "vendor": "Hitachi Energy", "versions": [{"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.0.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.1.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.2.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.3.*"}, {"status": "affected", "version": "TXpert Hub CoreTec 4 version 2.4.*"}, {"status": "unaffected", "version": "TXpert Hub CoreTec 4 version 3.0.1"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2023-06-28T16:15:46.529Z"}, "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The vulnerability is remediated in TXpert Hub CoreTec 4 version 3.0.1."}], "value": "The vulnerability is remediated in\u00a0TXpert Hub CoreTec 4 version 3.0.1."}], "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nApply mitigation as described in the cybersecurity advisory Mitigation Factors/Workarounds Section.\n\n<br>"}], "value": "\nApply mitigation as described in the cybersecurity advisory Mitigation Factors/Workarounds Section.\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abb:txpert_hub_coretec_4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "65472456-E16E-454B-86D3-84F2469D3809", "versionEndExcluding": "3.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abb:txpert_hub_coretec_4:-:*:*:*:*:*:*:*", "matchCriteriaId": "9597F443-3693-451E-9EDA-66092ADB78E3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system."}], "id": "CVE-2023-2625", "lastModified": "2023-07-06T16:10:43.413", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2023-06-28T17:15:10.627", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}