CVE-2023-31161 - OpenCVE

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Selinc	Sel-3350 Sel-3350 Firmware Sel-3532 Sel-3532 Firmware Sel-3555 Sel-3555 Firmware Sel-3560e Sel-3560e Firmware Sel-3560s Sel-3560s Firmware

Configuration 1 [-]

AND

cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*

cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*

cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*

cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*

cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*

cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://selinc.com/support/security-notifications/external-reports/
https://www.nozominetworks.com/blog/

History

No history.

MITRE

Status: PUBLISHED

Assigner: SEL

Published: 2023-05-10T19:24:03.543Z

Updated: 2024-08-02T14:45:25.873Z

Reserved: 2023-04-24T23:19:33.136Z

Link: CVE-2023-31161

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-05-10T20:15:11.080

Modified: 2023-05-17T19:05:14.183

Link: CVE-2023-31161

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-31161", "assignerOrgId": "5804bb70-792c-43e0-8596-486cc0efe699", "state": "PUBLISHED", "assignerShortName": "SEL", "dateReserved": "2023-04-24T23:19:33.136Z", "datePublished": "2023-05-10T19:24:03.543Z", "dateUpdated": "2024-08-02T14:45:25.873Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Web management interface"], "platforms": ["Linux"], "product": "SEL-3532", "vendor": "Schweitzer Engineering Laboratories", "versions": [{"lessThan": "R150-V2", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R149-V4", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R148-V7", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R147-V6", "status": "affected", "version": "R143-V0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "modules": ["Web management interface"], "platforms": ["Linux"], "product": "SEL-3555", "vendor": "Schweitzer Engineering Laboratories", "versions": [{"lessThan": "R150-V2", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R149-V4", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R148-V7", "status": "affected", "version": "R143-V0", "versionType": "custom"}, {"lessThan": "R147-V6", "status": "affected", "version": "R143-V0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "modules": ["Web management interface"], "platforms": ["Linux"], "product": "SEL-3560S", "vendor": "Schweitzer Engineering Laboratories", "versions": [{"lessThan": "R150-V2", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R149-V4", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R148-V7", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R147-V6", "status": "affected", "version": "R144-V2", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "modules": ["Web management interface"], "platforms": ["Linux"], "product": "SEL-3560E", "vendor": "Schweitzer Engineering Laboratories", "versions": [{"lessThan": "R150-V2", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R149-V4", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R148-V7", "status": "affected", "version": "R144-V2", "versionType": "custom"}, {"lessThan": "R147-V6", "status": "affected", "version": "R144-V2", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "modules": ["Web management interface"], "platforms": ["Linux"], "product": "SEL-3350", "vendor": "Schweitzer Engineering Laboratories", "versions": [{"lessThan": "R150-V2", "status": "affected", "version": "R148-V0", "versionType": "custom"}, {"lessThan": "R149-V4", "status": "affected", "version": "R148-V0", "versionType": "custom"}, {"lessThan": "R148-V7", "status": "affected", "version": "R148-V0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Andrea Palanca, Nozomi Networks"}], "datePublic": "2023-05-10T07:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects.<br><br>See SEL Service Bulletin dated 2022-11-15 for more details."}], "value": "An\u00a0Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects.\n\nSee SEL Service Bulletin dated 2022-11-15 for more details."}], "impacts": [{"capecId": "CAPEC-176", "descriptions": [{"lang": "en", "value": "CAPEC-176 Configuration/Environment Manipulation"}]}, {"capecId": "CAPEC-643", "descriptions": [{"lang": "en", "value": "CAPEC-643 Identify Shared Files/Directories on System"}]}, {"capecId": "CAPEC-469", "descriptions": [{"lang": "en", "value": "CAPEC-469 HTTP DoS"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5804bb70-792c-43e0-8596-486cc0efe699", "shortName": "SEL", "dateUpdated": "2023-05-10T19:24:03.543Z"}, "references": [{"url": "https://selinc.com/support/security-notifications/external-reports/"}, {"url": "https://www.nozominetworks.com/blog/"}], "source": {"discovery": "EXTERNAL"}, "title": "Improper Input Validation in Web Interface", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:45:25.873Z"}, "title": "CVE Program Container", "references": [{"url": "https://selinc.com/support/security-notifications/external-reports/", "tags": ["x_transferred"]}, {"url": "https://www.nozominetworks.com/blog/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C", "versionEndExcluding": "r150-v2", "versionStartIncluding": "r148-v0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "621E04B8-C1E2-4E96-9D7E-9073141CF40A", "versionEndExcluding": "r150-v2", "versionStartIncluding": "r143-v0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6796FA5F-5EAD-44A7-A82C-3CF8BCAD8784", "versionEndExcluding": "r150-v2", "versionStartIncluding": "r143-v0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3", "versionEndExcluding": "r150-v2", "versionStartIncluding": "r144-v2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302", "versionEndExcluding": "r150-v2", "versionStartIncluding": "r144-v2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An\u00a0Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects.\n\nSee SEL Service Bulletin dated 2022-11-15 for more details."}], "id": "CVE-2023-31161", "lastModified": "2023-05-17T19:05:14.183", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "security@selinc.com", "type": "Secondary"}]}, "published": "2023-05-10T20:15:11.080", "references": [{"source": "security@selinc.com", "tags": ["Vendor Advisory"], "url": "https://selinc.com/support/security-notifications/external-reports/"}, {"source": "security@selinc.com", "tags": ["Third Party Advisory"], "url": "https://www.nozominetworks.com/blog/"}], "sourceIdentifier": "security@selinc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@selinc.com", "type": "Secondary"}]}