SB2022061517 - Multiple vulnerabilities in Siemens SICAM GridEdge Software

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Origin validation error (CVE-ID: CVE-2022-30228)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. A remote attacker can trick a victim to access a special resource and execute arbitrary request.

2) Missing Authentication for Critical Function (CVE-ID: CVE-2022-30229)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to the affected software does not require authenticated access for privileged functions. A remote attacker can change data of an user, such as credentials, in case that user's id is known.

3) Missing Authentication for Critical Function (CVE-ID: CVE-2022-30230)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to the affected software does not require authenticated access for privileged functions. A remote attacker can create a new user with administrative permissions.

4) Transmission of Private Resources into a New Sphere ('Resource Leak') (CVE-ID: CVE-2022-30231)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to the affected software discloses password hashes of other users upon request. A remote administrator can retrieve another users password hash.

Remediation

Install update from vendor's website.

References

• https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf