SB2018030704 - Multiple vulnerabilities in Hirschmann Automation and Control GmbH Classic Platform Switches
Published: March 7, 2018
Description
This security bulletin contains information about 5 security vulnerabilities.
1) Session hijacking (CVE-ID: CVE-2018-5465)
The vulnerability allows a remote attacker to perform a session fixation attack on the target system. The weakness exists in the web interface due to a session fixation vulnerability. A remote attacker can hijack an existing user's session.
2) Information disclosure (CVE-ID: CVE-2018-5467)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system. The weakness exists in the web interface due to information exposure through query strings. A remote attacker can gain access to arbitrary data and impersonate a legitimate user.
3) Man-in-the-middle attack (CVE-ID: CVE-2018-5471)
The vulnerability allows a remote attacker to conduct a man-in-the-middle attack. The weakness exists in the web interface due to cleartext transmission of sensitive information. A remote attacker can obtain sensitive information through a successful man-in-the-middle attack.
4) Man-in-the-middle attack (CVE-ID: CVE-2018-5461)
The vulnerability allows a remote attacker to conduct a man-in-the-middle attack. The weakness exists in the web interface due to inadequate encryption strength. A remote attacker can use a man-in-the-middle technique and obtain sensitive information.
5) Brute-force attack (CVE-ID: CVE-2018-5469)
The vulnerability allows a remote attacker to conduct a brute-force attack. The weakness exists in the web interface due to improper restriction of excessive authentication attempts. A remote attacker can brute-force authentication.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.