{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-26156","assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","state":"PUBLISHED","assignerShortName":"icscert","dateReserved":"2024-02-14T22:03:32.381Z","datePublished":"2025-01-17T16:12:26.288Z","dateUpdated":"2025-01-21T15:05:56.805Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Remote Access Server (RAS)","vendor":"ETIC Telecom","versions":[{"lessThan":"4.5.0","status":"affected","version":"0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross-site scripting (XSS) attacks via the \nmethod parameter. The ETIC RAS web server uses dynamic pages that take \ntheir input from the client side and reflect the input in its response \nto the client without sanitization."}],"value":"All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross-site scripting (XSS) attacks via the \nmethod parameter. 
The ETIC RAS web server uses dynamic pages that take \ntheir input from the client side and reflect the input in its response \nto the client without sanitization."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":4.8,"baseSeverity":"MEDIUM","privilegesRequired":"HIGH","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"CWE-79 Cross-site Scripting","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert","dateUpdated":"2025-01-17T16:12:26.288Z"},"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"For all firmware versions <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\">4.5.0</a>\n and above, this issue is fixed. 
<br>"}],"value":"For all firmware versions 4.5.0 and above, this issue is fixed. Firmware downloads are available from https://www.etictelecom.com/en/softwares-download/"}],"source":{"advisory":"ICSA-22-307-01","discovery":"EXTERNAL"},"title":"ETIC Telecom Remote Access Server (RAS) Cross-site Scripting","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"To reduce the attack surface in \nversions prior to 4.5.0, ETIC Telecom advises users to verify in the \nrouter configuration that: (1) The administration web page is accessible\n only through the LAN side over HTTPS, and (2) The administration web \npage is protected with authentication.\n\n\n\n<br>"}],"value":"To reduce the attack surface in \nversions prior to 4.5.0, ETIC Telecom advises users to verify in the \nrouter configuration that: (1) The administration web page is accessible\n only through the LAN side over HTTPS, and (2) The administration web \npage is protected with authentication."}],"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-21T15:05:01.771280Z","id":"CVE-2024-26156","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-21T15:05:56.805Z"}}]}}