Induction Automation Ignition Multiple Vulnerabilities

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The version of Induction Automation Ignition listening on the remote
host is affected by multiple vulnerabilities :

- A cross-site scripting vulnerability exists in Java Web
Start when adding any symbols to web requests for
starting Java applets. A remote attacker can exploit
this to inject malicious input and include JNLP files.

- An information disclosure vulnerability exists due to
error messages generated by unhandled exceptions.

- OPC server credentials may be insecurely stored in plain
text. (CVE-2015-0992)

- Sessions are not properly terminated by the web
interface after logout, allowing a remote attacker to
reuse the session to gain unauthorized access.

- Resetting the session ID parameter using an HTTP request
allows an attacker to bypass prevention mechanisms for
brute force login attacks. (CVE-2015-0994)

- A weak hashing algorithm (MD5) is used for storing
password information in the authentication database,
thus allowing easier brute-force attacks to gain
access. (CVE-2015-0995)

See also :

Solution :

Upgrade to Ignition 7.5.14 / 7.7.4.

Risk factor :

Medium / CVSS Base Score : 6.4

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now