CVE-2019-13532 - Vulnerability Details

Vendors	Products
Codesys	Control For Beaglebone Control For Empc-a\/imx6 Control For Iot2000 Control For Linux Control For Pfc100 Control For Pfc200 Control For Raspberry Pi Control Rte Control Runtime System Toolkit Control Win Embedded Target Visu Toolkit Hmi Remote Target Visu Toolkit

Link	Providers
https://www.us-cert.gov/ics/advisories/icsa-19-255-01

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "CODESYS V3 web server", "vendor": "n/a", "versions": [{"status": "affected", "version": "all versions prior to 3.5.14.10"}]}], "descriptions": [{"lang": "en", "value": "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-09-13T16:58:21", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2019-13532", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CODESYS V3 web server", "version": {"version_data": [{"version_value": "all versions prior to 3.5.14.10"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22"}]}]}, "references": {"reference_data": [{"name": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T23:57:39.525Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2019-13532", "datePublished": "2019-09-13T16:58:21", "dateReserved": "2019-07-11T00:00:00", "dateUpdated": "2024-08-04T23:57:39.525Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : CODESYS V3 web server (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : all versions prior to 3.5.14.10 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-22 (string)

description : IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2019-09-13T16:58:21 (string)

orgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

shortName : icscert (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : ics-cert@hq.dhs.gov (string)

ID : CVE-2019-13532 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : CODESYS V3 web server (string)

version : { »

version_data : [ »

0 : { »

version_value : all versions prior to 3.5.14.10 (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

refsource : MISC (string)

url : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T23:57:39.525Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 7d14cffa-0d7d-4270-9dc0-52cabd5a23a6 (string)

assignerShortName : icscert (string)

cveId : CVE-2019-13532 (string)

datePublished : 2019-09-13T16:58:21 (string)

dateReserved : 2019-07-11T00:00:00 (string)

dateUpdated : 2024-08-04T23:57:39.525Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC95996F-4E60-4CCE-BC7D-2F998969455D", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCE0D6F6-86D9-488A-A02B-48F4BD6F67D4", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "08C05889-826B-411F-AD6A-F18C432A3B1F", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "225A5B49-7DB5-4B80-A560-5BEE65A7FC3D", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E6DD82E-5047-4E7B-8C73-3BF8FD112F3A", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*", "matchCriteriaId": "47A9B7EB-229C-4A23-9BB7-72A5ABD61279", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*", "matchCriteriaId": "43092C73-1302-4915-B2BC-59058FF61EFA", "versionEndExcluding": "3.5.14.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9392852-7BEF-402C-9ED4-2D7D40955311", "versionEndExcluding": "3.5.12.80", "versionStartIncluding": "3.5.8.60", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", "matchCriteriaId": "FB77946F-7038-40FD-8204-B777ED0E59D2", "versionEndExcluding": "3.5.14.10", "versionStartIncluding": "3.5.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1CB113B-1207-43D9-A999-42B08AD50EB2", "versionEndExcluding": "3.5.12.80", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE519838-FADF-43EA-9723-9283C0E18E85", "versionEndIncluding": "3.5.12.80", "versionStartIncluding": "3.5.9.80", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", "matchCriteriaId": "3466070E-1377-4272-AC73-717B9DEC144C", "versionEndExcluding": "3.5.14.10", "versionStartIncluding": "3.5.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "07A7C9E7-ABF4-4C29-AF16-E697E35CFFC7", "versionEndExcluding": "3.5.12.80", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD2CDAC2-F8EB-45F4-82E2-5E5601F49D8A", "versionEndExcluding": "3.5.12.80", "versionStartIncluding": "3.5.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AC3C628-281A-4E8E-ADE6-4CE976E187D4", "versionEndExcluding": "3.5.14.10", "versionStartIncluding": "3.5.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "08230AB2-9EA0-4F98-8CE5-0A9ADB2B2334", "versionEndExcluding": "3.5.12.80", "versionStartIncluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller."}, {"lang": "es", "value": "El servidor web de CODESYS V3, todas las versiones anteriores a 3.5.14.10, permite a un atacante enviar peticiones http o https especialmente dise\u00f1adas que pueden conceder el acceso a archivos fuera del directorio de trabajo restringido del controlador."}], "id": "CVE-2019-13532", "lastModified": "2024-11-21T04:25:05.470", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-13T17:15:11.617", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Patch", "Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC95996F-4E60-4CCE-BC7D-2F998969455D (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:codesys:control_for_empc-a\/imx6:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CCE0D6F6-86D9-488A-A02B-48F4BD6F67D4 (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 08C05889-826B-411F-AD6A-F18C432A3B1F (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 225A5B49-7DB5-4B80-A560-5BEE65A7FC3D (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3E6DD82E-5047-4E7B-8C73-3BF8FD112F3A (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 47A9B7EB-229C-4A23-9BB7-72A5ABD61279 (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 43092C73-1302-4915-B2BC-59058FF61EFA (string)

versionEndExcluding : 3.5.14.10 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B9392852-7BEF-402C-9ED4-2D7D40955311 (string)

versionEndExcluding : 3.5.12.80 (string)

versionStartIncluding : 3.5.8.60 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FB77946F-7038-40FD-8204-B777ED0E59D2 (string)

versionEndExcluding : 3.5.14.10 (string)

versionStartIncluding : 3.5.13.0 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F1CB113B-1207-43D9-A999-42B08AD50EB2 (string)

versionEndExcluding : 3.5.12.80 (string)

versionStartIncluding : 3.0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EE519838-FADF-43EA-9723-9283C0E18E85 (string)

versionEndIncluding : 3.5.12.80 (string)

versionStartIncluding : 3.5.9.80 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3466070E-1377-4272-AC73-717B9DEC144C (string)

versionEndExcluding : 3.5.14.10 (string)

versionStartIncluding : 3.5.13.0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 07A7C9E7-ABF4-4C29-AF16-E697E35CFFC7 (string)

versionEndExcluding : 3.5.12.80 (string)

versionStartIncluding : 3.0 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BD2CDAC2-F8EB-45F4-82E2-5E5601F49D8A (string)

versionEndExcluding : 3.5.12.80 (string)

versionStartIncluding : 3.5.10.0 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1AC3C628-281A-4E8E-ADE6-4CE976E187D4 (string)

versionEndExcluding : 3.5.14.10 (string)

versionStartIncluding : 3.5.13.0 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 08230AB2-9EA0-4F98-8CE5-0A9ADB2B2334 (string)

versionEndExcluding : 3.5.12.80 (string)

versionStartIncluding : 3.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. (string)

}

1 : { »

lang : es (string)

value : El servidor web de CODESYS V3, todas las versiones anteriores a 3.5.14.10, permite a un atacante enviar peticiones http o https especialmente diseñadas que pueden conceder el acceso a archivos fuera del directorio de trabajo restringido del controlador. (string)

}

]

id : CVE-2019-13532 (string)

lastModified : 2024-11-21T04:25:05.470 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2019-09-13T17:15:11.617 (string)

references : [ »

0 : { »

source : ics-cert@hq.dhs.gov (string)

tags : [ »

0 : Mitigation (string)

1 : Patch (string)

2 : Third Party Advisory (string)

3 : US Government Resource (string)

]

url : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Patch (string)

2 : Third Party Advisory (string)

3 : US Government Resource (string)

]

url : https://www.us-cert.gov/ics/advisories/icsa-19-255-01 (string)

}

]

sourceIdentifier : ics-cert@hq.dhs.gov (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-22 (string)

}

]

source : ics-cert@hq.dhs.gov (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-22 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object