CVE-2023-4816 - OpenCVE

A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hitachienergy	Asset Suite

Configuration 1 [-]

OR	cpe:2.3:a:hitachienergy:asset_suite::::::::
	cpe:2.3:a:hitachienergy:asset_suite:9.6.4:::::::*

No data.

References

Link	Providers
https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: Hitachi Energy

Published: 2023-09-11T07:40:46.735Z

Updated: 2024-08-02T07:38:00.641Z

Reserved: 2023-09-07T07:02:56.867Z

Link: CVE-2023-4816

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-09-11T08:15:07.917

Modified: 2023-09-13T14:35:05.177

Link: CVE-2023-4816

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4816", "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17", "state": "PUBLISHED", "assignerShortName": "Hitachi Energy", "dateReserved": "2023-09-07T07:02:56.867Z", "datePublished": "2023-09-11T07:40:46.735Z", "dateUpdated": "2024-08-02T07:38:00.641Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Asset Suite 9", "vendor": "Hitachi Energy", "versions": [{"lessThanOrEqual": "9.6.3.11.1", "status": "affected", "version": "9.6.3.11.0", "versionType": "custom"}, {"status": "affected", "version": "9.6.4"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action."}], "value": "A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action."}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e383dce4-0c27-4495-91c4-0db157728d17", "shortName": "Hitachi Energy", "dateUpdated": "2023-11-01T01:53:57.383Z"}, "references": [{"url": "https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:38:00.641Z"}, "title": "CVE Program Container", "references": [{"url": "https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hitachienergy:asset_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "FAC84DA0-C8A5-433E-A812-7E182295CD06", "versionEndIncluding": "9.6.3.11.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hitachienergy:asset_suite:9.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D04B485-9331-43B1-A8D9-4C245E20738A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action."}, {"lang": "es", "value": "Existe una vulnerabilidad en la autenticaci\u00f3n de Etiquetado de Equipos, cuando se configura con Inicio de Sesi\u00f3n \u00danico con validaci\u00f3n de contrase\u00f1a en T214. Esta vulnerabilidad puede ser explotada por un usuario autenticado que realiza una acci\u00f3n de titular de Etiquetado de Equipo (Aceptar, Liberar y Borrar) para otro usuario e ingresa una contrase\u00f1a arbitraria en el cuadro de di\u00e1logo de confirmaci\u00f3n de la acci\u00f3n del titular. A pesar de ingresar una contrase\u00f1a arbitraria en el cuadro de confirmaci\u00f3n, el sistema ejecutar\u00e1 la acci\u00f3n del titular seleccionado."}], "id": "CVE-2023-4816", "lastModified": "2023-09-13T14:35:05.177", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 4.7, "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}, "published": "2023-09-11T08:15:07.917", "references": [{"source": "cybersecurity@hitachienergy.com", "tags": ["Vendor Advisory"], "url": "https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf"}], "sourceIdentifier": "cybersecurity@hitachienergy.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "cybersecurity@hitachienergy.com", "type": "Secondary"}]}