CVE-2023-29410 - OpenCVE

A CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated attacker to gain the same privilege as the application on the server when a malicious payload is provided over HTTP for the server to execute.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Schneider-electric	Conext Gateway Firmware Insightfacility Insightfacility Firmware Conext Gateway Insighthome Firmware Insighthome

Configuration 1 [-]

AND

OR	cpe:2.3:o:schneider-electric:insighthome_firmware::::::::
	cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:-::::::
	cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:build_004::::::

cpe:2.3:h:schneider-electric:insighthome:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:schneider-electric:insightfacility_firmware::::::::
	cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:-::::::
	cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:build_004::::::

cpe:2.3:h:schneider-electric:insightfacility:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

OR	cpe:2.3:o:schneider-electric:conext_gateway_firmware::::::::
	cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:-::::::
	cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:build_004::::::

cpe:2.3:h:schneider-electric:conext_gateway:-:*:*:*:*:*:*:*

References

Link	Resource
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: schneider

Published: 2023-04-18T21:13:55.322Z

Updated: 2023-04-18T21:13:55.322Z

Reserved: 2023-04-05T20:35:41.367Z

Link: CVE-2023-29410

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-04-18T22:15:08.067

Modified: 2023-04-28T01:25:19.217

Link: CVE-2023-29410

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-29410", "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "state": "PUBLISHED", "assignerShortName": "schneider", "dateReserved": "2023-04-05T20:35:41.367Z", "datePublished": "2023-04-18T21:13:55.322Z", "dateUpdated": "2023-04-18T21:13:55.322Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "InsightHome", "vendor": "Schneider Electric", "versions": [{"lessThanOrEqual": "prior", "status": "affected", "version": "v1.16 Build 004", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "InsightFacility", "vendor": "Schneider Electric", "versions": [{"lessThanOrEqual": "prior", "status": "affected", "version": "v1.16 Build 004", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Conext Gateway", "vendor": "Schneider Electric", "versions": [{"lessThanOrEqual": "prior", "status": "affected", "version": "v1.16 Build 004", "versionType": "custom"}]}], "datePublic": "2023-04-11T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nA CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated\nattacker to gain the same privilege as the application on the server when a malicious payload is\nprovided over HTTP for the server to execute. \n\n \n\n\n\n"}], "value": "\nA CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated\nattacker to gain the same privilege as the application on the server when a malicious payload is\nprovided over HTTP for the server to execute. \n\n \n\n\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider", "dateUpdated": "2023-04-18T21:13:55.322Z"}, "references": [{"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "371B602D-2BB3-41CF-B07B-558B74AEC130", "versionEndExcluding": "1.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:-:*:*:*:*:*:*", "matchCriteriaId": "698CF5CB-17DC-405B-9C44-675A80320A65", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:insighthome_firmware:1.16:build_004:*:*:*:*:*:*", "matchCriteriaId": "039691CA-D243-4D6D-912A-F130F7F6491C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:insighthome:-:*:*:*:*:*:*:*", "matchCriteriaId": "37CAC057-7F0E-4375-99FE-AEE0EDDEA568", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "18E2843D-745F-41D7-8B16-2CC18EC64290", "versionEndExcluding": "1.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:-:*:*:*:*:*:*", "matchCriteriaId": "F90B0024-6C86-4E85-AE83-F349D34E7416", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:insightfacility_firmware:1.16:build_004:*:*:*:*:*:*", "matchCriteriaId": "D81ACD8E-4B04-4BCB-894F-4A5828899C16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:insightfacility:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5011815-3D43-4AA4-9395-31788D06DA10", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3524289C-ACF3-424E-9A1E-A777EBFB89F1", "versionEndExcluding": "1.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:-:*:*:*:*:*:*", "matchCriteriaId": "62314597-62BC-4531-B5C8-61343262CE9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:schneider-electric:conext_gateway_firmware:1.16:build_004:*:*:*:*:*:*", "matchCriteriaId": "AD27299F-4422-4176-9DFD-86F2E4487366", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:conext_gateway:-:*:*:*:*:*:*:*", "matchCriteriaId": "E013171F-2BFB-4CB2-9C4B-4EB60A40B255", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\nA CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated\nattacker to gain the same privilege as the application on the server when a malicious payload is\nprovided over HTTP for the server to execute. \n\n \n\n\n\n"}], "id": "CVE-2023-29410", "lastModified": "2023-04-28T01:25:19.217", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "cybersecurity@se.com", "type": "Secondary"}]}, "published": "2023-04-18T22:15:08.067", "references": [{"source": "cybersecurity@se.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-02.pdf"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "cybersecurity@se.com", "type": "Primary"}]}