CVE-2018-25236
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attackers can exploit improper authentication handling to obtain the authentication status and privileges of a previously authenticated user without providing valid credentials.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Belden | Hirschmann HiOS | 0 <= 05.07 | affected |
| Belden | Hirschmann HiOS | 0 <= 06.1.04 | affected |
| Belden | Hirschmann HiOS | 0 <= 06.2.00 | affected |
| Belden | Hirschmann HiOS | 06.1.05 | unaffected |
| Belden | Hirschmann HiOS | 07.0.00 | unaffected |
| Belden | Hirschmann HiOS | 03.1.00 | unaffected |
| Belden | Hirschmann HiSecOS EAGLE | 0 <= 03.00.02 | affected |
| Belden | Hirschmann HiSecOS EAGLE | 03.0.03 | unaffected |
Weaknesses
- CWE-287: Improper Authentication (CWE-287)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://assets.belden.com/m/52ecadbb5f1b0e04/original/Security-Bulletin-Web-Server-Authentication-Bypass-HiOS-HiSecOS-Hirschmann-BSECV-2018-05.pdf
- https://www.vulncheck.com/advisories/hirschmann-hios-hisecos-authentication-bypass-via-http-management
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.