{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37183", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-06-13T14:52:17.253Z", "datePublished": "2024-06-20T22:09:21.235Z", "dateUpdated": "2024-08-02T03:50:55.374Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "L210-F2G Lynx", "vendor": "Westermo", "versions": [{"status": "affected", "version": "4.21.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\nPlain text credentials and session ID can be captured with a network sniffer.\n\n"}], "value": "Plain text credentials and session ID can be captured with a network sniffer."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-06-20T22:09:21.235Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"}], "source": {"advisory": "ICSA-24-172-03", "discovery": "EXTERNAL"}, "title": "Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.</p>\n<p>To mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device's \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.</p>\n<p>Westermo suggests limiting access to the device's CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.</p>\n<p>Westermo will keep users updated on any further enhancements.</p>\n\n<br>"}], "value": "Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\n\n\nTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device's \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\n\n\nWestermo suggests limiting access to the device's CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\n\n\nWestermo will keep users updated on any further enhancements."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "westermo", "product": "l210-f2g_lynx_firmware", "cpes": ["cpe:2.3:o:westermo:l210-f2g_lynx_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.21.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-21T14:25:44.014433Z", "id": "CVE-2024-37183", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T14:32:02.820Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:55.374Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:50:55.374Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37183", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-21T14:25:44.014433Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:westermo:l210-f2g_lynx_firmware:-:*:*:*:*:*:*:*"], "vendor": "westermo", "product": "l210-f2g_lynx_firmware", "versions": [{"status": "affected", "version": "4.21.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T14:26:27.562Z"}}], "cna": {"title": "Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information", "source": {"advisory": "ICSA-24-172-03", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Aviv Malka and Joseph Baum of OTORIO reported these vulnerabilities to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Westermo", "product": "L210-F2G Lynx", "versions": [{"status": "affected", "version": "4.21.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"}], "workarounds": [{"lang": "en", "value": "Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.\n\n\nTo mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device's \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.\n\n\nWestermo suggests limiting access to the device's CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.\n\n\nWestermo will keep users updated on any further enhancements.", "supportingMedia": [{"type": "text/html", "value": "\n<p>Westermo advises users to disable HTTP access to the WebGUI and \ninstead use HTTPS instead. This change will secure the credentials and \nsession IDs, effectively nullifying the exploits described.</p>\n<p>To mitigate the risk of a denial-of-service attack through continuous\n login attempts, Westermo recommends disabling access to the device's \nWebGUI on external communication interfaces. For devices in production \nenvironments, disabling the WebGUI is suggested if possible.</p>\n<p>Westermo suggests limiting access to the device's CLI on external \ncommunication interfaces to prevent SSH DOS attacks through repeated \nlogin attempts.</p>\n<p>Westermo will keep users updated on any further enhancements.</p>\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Plain text credentials and session ID can be captured with a network sniffer.", "supportingMedia": [{"type": "text/html", "value": "\nPlain text credentials and session ID can be captured with a network sniffer.\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-319", "description": "CWE-319 Cleartext Transmission of Sensitive Information"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-06-20T22:09:21.235Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37183", "state": "PUBLISHED", "dateUpdated": "2024-08-02T03:50:55.374Z", "dateReserved": "2024-06-13T14:52:17.253Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2024-06-20T22:09:21.235Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:westermo:l210-f2g_firmware:4.21.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4712143-6A81-44AF-8F1A-9A49930FF4E6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:westermo:l210-f2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "27754675-F9E5-4BDA-8DD6-487363BEABC0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Plain text credentials and session ID can be captured with a network sniffer."}, {"lang": "es", "value": "Las credenciales de texto sin formato y el ID de sesi\u00f3n se pueden capturar con un rastreador de red."}], "id": "CVE-2024-37183", "lastModified": "2025-07-30T18:09:28.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2024-06-20T22:15:15.580", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{}

{}