CVE-2019-13923 Vulnerability Details

  /     /     /  

CVE-2019-13923 Metadata Quick Info

CVE Published: 13/09/2019 | CVE Updated: 05/08/2024 | CVE Year: 2019
Source: siemens | Vendor: Siemens AG | Product: IE/WSN-PA Link WirelessHART Gateway
Status : PUBLISHED

---

CVE-2019-13923 Description

A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-80
CWE Name: CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Source: Siemens AG

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).