Certec EDV GmbH atvise scada is prone to a cross-site scripting vulnerability and an HTTP header-injection vulnerability.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. The attacker may also be able to insert a crafted HTTP header into an HTTP response, which could cause web server cache poisoning. These issues may aid in further attacks.
Versions prior to atvise 3.1 are vulnerable.
Information
CVE-2017-6029
Exploit
An attacker can exploit these issues by enticing an unsuspecting user into visiting a specially crafted URL.
References:
- Certec EDV GmbH atvise scada Homepage (certec)
- ICSA-17-096-01: Certec EDV GmbH atvise scada (ICS CERT)