CVE-2023-32659 - OpenCVE

SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Subnet	Powersystem Center

Configuration 1 [-]

OR	cpe:2.3:a:subnet:powersystem_center::::::::
	cpe:2.3:a:subnet:powersystem_center:2020:-::::::
	cpe:2.3:a:subnet:powersystem_center:2020:u10::::::

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-06-19T20:18:36.913Z

Updated: 2024-08-02T15:25:36.325Z

Reserved: 2023-05-25T16:04:56.572Z

Link: CVE-2023-32659

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-19T21:15:42.113

Modified: 2023-06-29T19:58:00.653

Link: CVE-2023-32659

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-32659", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-05-25T16:04:56.572Z", "datePublished": "2023-06-19T20:18:36.913Z", "dateUpdated": "2024-08-02T15:25:36.325Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "PowerSYSTEM Center", "vendor": "SUBNET Solutions Inc.", "versions": [{"lessThanOrEqual": "2020 U10", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "SUBNET Solutions reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.</p><br>\n\n"}], "value": "\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.\n\n\n\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-06-19T20:18:36.913Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>SUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).</p><p><br></p>\n\n<br>"}], "value": "\nSUBNET Solutions has fixed these issues by enabling a file integrity check on uploaded images and anti-forgery tokens to prevent replay attacks. The fix was introduced in PowerSYSTEM Center update 12 as well as Update 8+Hotfix (both identified by release number 5.12.2305.10101, which can be located in Settings / Overview / Version).\n\n\n\n\n\n\n\n"}], "source": {"discovery": "INTERNAL"}, "title": "SUBNET PowerSYSTEM Center Cross-site Scripting", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>SUBNET Solutions recommends users to follow the following workarounds:</p><ul><li>Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.</li><li>Users should verify network security rules to ensure that outbound connections to the internet are not possible.</li><li>If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.</li><li>Monitor user activity and ensure application control rules only allow preauthorized executables to run.</li><li>Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).</li></ul>\n\n<br>"}], "value": "\nSUBNET Solutions recommends users to follow the following workarounds:\n\n * Users should verify that SVG files do not contain HTML elements or scripts and validate that JPG and PNG files are not SVG files.\n * Users should verify network security rules to ensure that outbound connections to the internet are not possible.\n * If the above cannot be performed or notifications are not required, disable email notifications for reports from PowerSYSTEM Center.\n * Monitor user activity and ensure application control rules only allow preauthorized executables to run.\n * Deny users to run other executables on client access servers (PowerSYSTEM Center front end access point).\n\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T15:25:36.325Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:subnet:powersystem_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5778648-23B8-4022-904D-E8B631E5FFD7", "versionEndExcluding": "2020", "vulnerable": true}, {"criteria": "cpe:2.3:a:subnet:powersystem_center:2020:-:*:*:*:*:*:*", "matchCriteriaId": "7EDB93B1-836B-47CD-8D4A-4DFF281DEC91", "vulnerable": true}, {"criteria": "cpe:2.3:a:subnet:powersystem_center:2020:u10:*:*:*:*:*:*", "matchCriteriaId": "F5575977-3DFF-44B4-A0E1-4C3C9E92CD3E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\nSUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.\n\n\n\n\n"}], "id": "CVE-2023-32659", "lastModified": "2023-06-29T19:58:00.653", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 4.7, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-06-19T21:15:42.113", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}