CVE-2021-31891

Published Sep 14, 2021

Last updated 4 years ago

CVSS critical 10.0

Overview

Description: A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.
Source: productcert@siemens.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

productcert@siemens.com: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:desigo_cc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90D75ECA-E171-42BD-A475-A1DD4B9BE013"
          },
          {
            "criteria": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D1D6B61-1F17-4008-9DFB-EF419777768E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2504273-D83D-462E-A8CF-09107517D75D"
          },
          {
            "criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFB86317-9626-454A-89D3-2B96FDF84CC3"
          },
          {
            "criteria": "cpe:2.3:a:siemens:siveillance_control:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5A18694-B44A-424A-8811-0D0E4FD729A8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B79BD779-60A5-43A8-9229-07C11A3167AA",
            "versionEndIncluding": "9.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References