History: Aug 13, 2024 - 12:33 p.m.

CVE-2024-38501 Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows HTML injection

2024-08-13 12:33:00
CWE-79
CERTVDE
www.cve.org
Tags: cve-2024-38501, pepperl+fuchs, icdm-rx, xss, vulnerability, html injection, remote attacker, low-privileged access, unauthenticated

CVSS3: 6.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.001
Percentile: 17.7%

An unauthenticated remote attacker may use an HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-4DB9/2RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-8DB9/2RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-16RJ45/RJ45-RM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-16DB9/RJ45-RM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-32RJ45/RJ45-RM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-DB9/RJ45-PM2",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/TCP-16RJ45/2RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "11.65",
        "status": "affected",
        "version": "SocketServer",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v3.4.9",
        "status": "affected",
        "version": "PROFINET",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/PN1-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.0.7",
        "status": "affected",
        "version": "PROFINET/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.22",
        "status": "affected",
        "version": "EtherNet/IP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/EN1-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v1.08",
        "status": "affected",
        "version": "EIP/Modbus",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-4DB9/2RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-DB9/RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-2DB9/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-2ST/RJ45-DIN",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "ICDM-RX/MOD-16RJ45/2RJ45-PM",
    "vendor": "Pepperl+Fuchs",
    "versions": [
      {
        "lessThanOrEqual": "v7.09",
        "status": "affected",
        "version": "Modbus Router",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus Server",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "v7.11",
        "status": "affected",
        "version": "Modbus TCP",
        "versionType": "semver"
      }
    ]
  }
]
