Inductive Automation Ignition Multiple Vulnerabilities

medium Nessus Plugin ID 83952

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Inductive Automation Ignition listening on the remote host is affected by multiple vulnerabilities :

- A cross-site scripting vulnerability exists in Java Web Start when adding any symbols to web requests for starting Java applets. A remote attacker can exploit this to inject malicious input and include JNLP files.
(CVE-2015-0976)

- An information disclosure vulnerability exists due to error messages generated by unhandled exceptions.
(CVE-2015-0991)

- OPC server credentials may be insecurely stored in plain text. (CVE-2015-0992)

- Sessions are not properly terminated by the web interface after logout, allowing a remote attacker to reuse the session to gain unauthorized access.
(CVE-2015-0993)

- Resetting the session ID parameter using an HTTP request allows an attacker to bypass prevention mechanisms for brute force login attacks. (CVE-2015-0994)

- A weak hashing algorithm (MD5) is used for storing password information in the authentication database, thus allowing easier brute-force attacks to gain access. (CVE-2015-0995)

Solution

Upgrade to Ignition 7.5.14 / 7.7.4.

See Also

http://www.nessus.org/u?ce62874d

Plugin Details

Severity: Medium

ID: 83952

File Name: scada_inductive_automation_ignition_ICSA-15-090-01.nbin

Version: 1.109

Type: remote

Family: SCADA

Published: 6/2/2015

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2015-0993

Vulnerability Information

CPE: cpe:/a:inductiveautomation:ignition

Required KB Items: installed_sw/Inductive Automation Ignition

Exploit Ease: No known exploits are available

Patch Publication Date: 3/31/2015

Vulnerability Publication Date: 12/30/2008

Reference Information

CVE: CVE-2015-0976, CVE-2015-0991, CVE-2015-0992, CVE-2015-0993, CVE-2015-0994, CVE-2015-0995

BID: 73468, 73469, 73471, 73473, 73474, 73475

CERT: 836068

ICSA: 15-090-01