CVE-2023-37858

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cert.vde.com/en/advisories/VDE-2023-018/	Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2023-018/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:12

Type	Values Removed	Values Added
References	~~() https://cert.vde.com/en/advisories/VDE-2023-018/ - Third Party Advisory~~	() https://cert.vde.com/en/advisories/VDE-2023-018/ - Third Party Advisory

Information

Published : 2023-08-09 07:15

Updated : 2024-11-21 08:12

NVD link : CVE-2023-37858

Mitre link : CVE-2023-37858

CVE.ORG link : CVE-2023-37858

JSON object : View

Products Affected

phoenixcontact

wp_6070-wvps
wp_6101-wxps
wp_6185-whps
wp_6215-whps_firmware
wp_6185-whps_firmware
wp_6121-wxps
wp_6156-whps
wp_6156-whps_firmware
wp_6215-whps
wp_6101-wxps_firmware
wp_6070-wvps_firmware
wp_6121-wxps_firmware

CWE

CWE-311

Missing Encryption of Sensitive Data

{"id": "CVE-2023-37858", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2023-08-09T07:15:10.710", "references": [{"url": "https://cert.vde.com/en/advisories/VDE-2023-018/", "tags": ["Third Party Advisory"], "source": "info@cert.vde.com"}, {"url": "https://cert.vde.com/en/advisories/VDE-2023-018/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-311"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\n\n"}], "lastModified": "2024-11-21T08:12:20.017", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6070-wvps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30A330AB-B871-4312-927A-BF73D745DFD1", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6070-wvps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7746DBEC-655D-4405-B457-202342434B49"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6101-wxps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4F5E047-4212-498C-8C8A-4454C53A34DD", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6101-wxps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04FBD160-0582-4049-B6F2-7A56CC056FF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6121-wxps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75E09A8E-A36E-4E5D-A62F-A8DABAB4258F", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6121-wxps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "206E4626-E7B8-4744-A258-9B9941652018"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6156-whps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1859A631-9C2E-4AA6-BFA1-7DE9E779BD6E", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6156-whps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DF6A8F5-E997-4B75-BB55-4C77BE3011F6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6185-whps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2329179-AE02-4B31-A5FD-BD6E205726F7", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6185-whps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3C60EBBD-552C-48AB-975E-C3B7D3009CC7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:phoenixcontact:wp_6215-whps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D743C23B-054C-4F62-BCFB-BE90CF53832E", "versionEndExcluding": "4.0.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:phoenixcontact:wp_6215-whps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A6CCE4E8-7EDF-44E9-8ED7-3FB88256674F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}