CVE-2022-21184: TALOS-2022-1461 || Cisco Talos Intelligence Group
Summary
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Tested Versions
Bachmann Visutec GmbH Atvise 3.5.4
Bachmann Visutec GmbH Atvise 3.6
Bachmann Visutec GmbH Atvise 3.7
Product URLs
Atvise - http://www.atvise.com
CVSSv3 Score
5.9 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
CWE-319 - Cleartext Transmission of Sensitive Information
Details
The Atvise SCADA software package is a cross-platform solution for managing SCADA networks.
While registering the Atvise software, the user has to enter the login and password for their Atvise.com website account into the client application. These credentials are then sent in a plaintext HTTP POST request to www.atvise.com. An attacker able to man-in-the-middle the connection could steal these credentials and use them to log into the Atvise website and download software and licenses. There is no impact to the machine running the client component.
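The weakness above is CWE-319: the request itself is well-formed, the problem is the transport. The following is an added example, not code from the Talos advisory or from Atvise, showing the two sides a defender cares about: a detector that flags credential-looking form fields in a captured request that was not carried over TLS, and a client-side guard that refuses to submit credentials to a non-https URL. The captured request, the endpoint path /license/register and the field names login/password are constructed for the example; the real Atvise endpoint and parameter names are not given on the page.

```python
"""Detect and prevent cleartext credential submission (CWE-319).

Added example for the Atvise advisory above; it is neither Talos's nor
Atvise's code. The request text, path and field names are constructed.
"""
from urllib.parse import parse_qs, urlparse

# Heuristic list of parameter names that usually carry login credentials
# (assumption: extend it to match the application under review).
CREDENTIAL_FIELDS = {
    "username", "user", "login", "email",
    "password", "pass", "passwd", "pwd",
}

# Constructed sample capture: a form POST seen on a plaintext (port 80) flow.
SAMPLE_REQUEST = (
    "POST /license/register HTTP/1.1\r\n"      # hypothetical path
    "Host: www.atvise.com\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Content-Length: 42\r\n"
    "\r\n"
    "login=alice%40example.com&password=hunter2"
)


def parse_http_request(raw: str):
    """Split a raw HTTP/1.1 request into (method, path, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers, body


def find_cleartext_credentials(raw: str, over_tls: bool):
    """Return one finding per credential field sent without TLS.

    `over_tls` is what the capture layer knows about the connection; the
    request text alone cannot tell http from https.
    """
    if over_tls:
        return []  # encrypted in transit: nothing to flag for CWE-319
    method, path, headers, body = parse_http_request(raw)
    fields = {}
    if "application/x-www-form-urlencoded" in headers.get("content-type", ""):
        fields = parse_qs(body, keep_blank_values=True)
    hits = sorted(name for name in fields if name.lower() in CREDENTIAL_FIELDS)
    return [
        {"host": headers.get("host", ""), "method": method,
         "path": path, "field": field}
        for field in hits
    ]


def registration_url_is_safe(url: str) -> bool:
    """Client-side guard: credentials may only go to an https URL with a host."""
    parts = urlparse(url)
    return parts.scheme == "https" and bool(parts.hostname)


def submit_credentials(url: str, login: str, password: str, sender):
    """Hardened registration client: refuse non-TLS URLs before sending.

    `sender(url, data)` is an injectable transport (hypothetical) so the
    example runs offline; a real client would use an HTTPS library with
    certificate verification left enabled.
    """
    if not registration_url_is_safe(url):
        raise ValueError("refusing to send credentials over a non-TLS URL: " + url)
    return sender(url, {"login": login, "password": password})


if __name__ == "__main__":
    for finding in find_cleartext_credentials(SAMPLE_REQUEST, over_tls=False):
        print("cleartext credential field:", finding)
```

The detector keys on the transport flag rather than on the request text because the bytes of an http and an https POST are identical once decrypted; in a passive monitoring deployment that flag comes from the port or the absence of a TLS handshake on the flow. The client-side guard is the fix the vendor update has to embody: the scheme check must happen before the credentials are handed to any transport.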
Vendor Response
The vendor has provided an updated version at the following URL: https://customer.atvise.com/de/component/phocadownload/category/116-atvise-3-7
Timeline
2022-02-02 - Initial vendor contact
2022-02-16 - Vendor Disclosure
2022-06-15 - Public Release
2022-06-15 - Vendor Patch Release
Discovered by Martin Zeiser of Cisco Talos.