Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_MOXA_CVE-2016-9371.NASL
HistoryAug 02, 2023 - 12:00 a.m.

Moxa NPort Cross-site Scripting(CVE-2016-9371)

2023-08-0200:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
moxa nport
cross-site scripting
vulnerability
web page output
tenable.ot

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

35.9%

JSON

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. User-controlled input is not neutralized before being output to web page (CROSS-SITE SCRIPTING).

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501518);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/03");

  script_cve_id("CVE-2016-9371");

  script_name(english:"Moxa NPort Cross-site Scripting(CVE-2016-9371)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An issue was discovered in Moxa NPort 5110 versions prior to 2.6,
NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series
versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort
5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A
versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort
5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series
versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2,
NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series
versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11,
NPort IA5450A versions prior to v1.4. User-controlled input is not
neutralized before being output to web page (CROSS-SITE SCRIPTING).

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/85965");
  script_set_attribute(attribute:"see_also", value:"https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-9371");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(79);

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/02/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/02");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5110_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5130_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5150_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5150ai-m12_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5100a_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_p5150a_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5200_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5200a_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5250ai-m12_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5400_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5450ai-m12_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5600_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5600-8-dt_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_5600-8-dtl_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_6000_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_6100_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_6110_series_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_ia5450a_series_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Moxa");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Moxa');

var asset = tenable_ot::assets::get(vendor:'Moxa');

var vuln_cpes = {
    "cpe:/o:moxa:nport_5110_series_firmware" :
        {"versionEndExcluding" : "2.7", "family" : "NPort"},
    "cpe:/o:moxa:nport_5130_series_firmware" :
        {"versionEndExcluding" : "3.7", "family" : "NPort"},
    "cpe:/o:moxa:nport_5150_series_firmware" :
        {"versionEndExcluding" : "3.7", "family" : "NPort"},
    "cpe:/o:moxa:nport_5150ai-m12_series_firmware" :
        {"versionEndExcluding" : "1.3", "family" : "NPort"},
    "cpe:/o:moxa:nport_5100a_series_firmware" :
        {"versionEndExcluding" : "1.4", "family" : "NPort"},
    "cpe:/o:moxa:nport_p5150a_firmware" :
        {"versionEndExcluding" : "1.4", "family" : "NPort"},
    "cpe:/o:moxa:nport_5200_series_firmware" :
        {"versionEndExcluding" : "2.9", "family" : "NPort"},
    "cpe:/o:moxa:nport_5200a_series_firmware" :
        {"versionEndExcluding" : "1.4", "family" : "NPort"},
    "cpe:/o:moxa:nport_5250ai-m12_series_firmware" :
        {"versionEndExcluding" : "1.3", "family" : "NPort"},
    "cpe:/o:moxa:nport_5400_series_firmware" :
        {"versionEndExcluding" : "3.12", "family" : "NPort"},
    "cpe:/o:moxa:nport_5450ai-m12_series_firmware" :
        {"versionEndExcluding" : "1.3", "family" : "NPort"},
    "cpe:/o:moxa:nport_5600_series_firmware" :
        {"versionEndExcluding" : "3.8", "family" : "MoxaNPort5600"},
    "cpe:/o:moxa:nport_5600-8-dt_series_firmware" :
        {"versionEndExcluding" : "2.5", "family" : "MoxaNPort5600"},
    "cpe:/o:moxa:nport_5600-8-dtl_series_firmware" :
        {"versionEndExcluding" : "2.5", "family" : "MoxaNPort5600"},
    "cpe:/o:moxa:nport_6000_series_firmware" :
        {"versionEndExcluding" : "2.7", "family" : "NPort"},
    "cpe:/o:moxa:nport_6100_series_firmware" :
        {"versionEndExcluding" : "1.16", "family" : "NPort"},
    "cpe:/o:moxa:nport_6110_series_firmware" :
        {"family" : "NPort"},
    "cpe:/o:moxa:nport_ia5450a_series_firmware" :
        {"versionEndExcluding" : "1.4", "family" : "NPort"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

Related

cve 1
prion 1
cvelist 1
nvd 1
ics 2
openvas 1
cve
cve
CVE-2016-9371
2017-02-13 21:59:02
prion
prion
Cross site scripting
2017-02-13 21:59:00
cvelist
cvelist
CVE-2016-9371
2017-02-13 21:00:00
nvd
nvd
CVE-2016-9371
2017-02-13 21:59:02
ics
ics
Moxa NPort Device Vulnerabilities (Update A)
2017-03-21 12:00:00
Moxa NPort Device Vulnerabilities (Update A)
2016-12-01 00:00:00
openvas
openvas
Moxa NPort Devices Multiple Vulnerabilities (MCSA-160401)
2017-02-16 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

35.9%

JSON
Related for TENABLE_OT_MOXA_CVE-2016-9371.NASL
cve1prion1cvelist1nvd1ics2openvas1