SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-529807340] Emerson Liebert SiteScan XML External Entity Vulnerability

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2016-11-29OtherEmersonEvgeny ErmakovN/ACVE-2016-8348 N/AN/AN/A

Source

						
							
								
#
# Emerson Liebert SiteScan XML External Entity Vulnerability
#


### OVERVIEW

Researcher Evgeny Ermakov from Kaspersky Lab has identified an XML External Entity (XXE) vulnerability affecting Emerson's Liebert SiteScan application. Emerson has produced patches to mitigate this vulnerability.
This vulnerability could be exploited remotely.



### AFFECTED PRODUCTS

The following Liebert SiteScan versions are affected:
SiteScan Web Version 6.5, and prior.



### IMPACT

Exploitation of this vulnerability may lead to the disclosure of confidential data, denial of service (DoS), server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.



### BACKGROUND

Emerson is a US-based company that maintains offices in several countries around the world, including the US, UK, Netherlands, Italy, India, Germany, France, Czech Republic, China, and Australia.
The affected product, Liebert SiteScan, is a web-based data center monitoring application providing centralized oversight of Liebert precision air, power and UPS units, as well as many other analog or digital devices. According to Emerson, Liebert SiteScan is deployed across several sectors including Commercial Facilities, Critical Manufacturing, Energy, Water and Wastewater Systems, and others. Emerson reports that this product is used worldwide.



### VULNERABILITY CHARACTERIZATION

# VULNERABILITY OVERVIEW

IMPROPER RESTRICTION OF XML EXTERNAL ENTITYa
An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network.
CVE-2016-8348b has been assigned to this vulnerability. CVSSv3 base score: 7.5 has been assigned; the CVSS vector string is (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)




### VULNERABILITY DETAILS

# EXPLOITABILITY

This vulnerability could be exploited remotely.



# EXISTENCE OF EXPLOIT

No known public exploits specifically target this vulnerability.



# DIFFICULTY

An attacker with a low skill would be able to exploit this vulnerability.



### MITIGATION

Emerson recommends that affected users update Liebert SiteScan with the following patches:
SiteScan Web Version 6.1, the patch file is: WS61_Security_Update.update, and
SiteScan Web Version 6.5, the patch file is: WS65_Security_Update.update.
These patches may be obtained by contacting Liebert Services at 1-800-543-2378.