|Topic||Cross-site request forgery attack on change password form|
|Affects||N2OS between v19.0.4 and v20.0.3, Guardian and CMC|
|CVE Risk Level||High|
|Risk Level for Nozomi customers||Medium|
Change password doesn't validate CSRF token properly.
An attacker can force the victim to change password without knowing. To successfully complete this attack the victim needs to be logged to the Guardian/CMC and visit a special prepared page containing the forged change password request. The change password request will be logged to the internal Guardian/CMC audit log and the victim session will be terminated. The attacked must have Guardian/CMC reachability to login into the system after a successful attack.
Guardian/CMC starting from v19.0.4 are affected, versions before v19.0.4 are NOT affected.
Users should always pay attention to phishing emails and un-trusted links.
v19 series: Upgrade to v19.0.11 v20 series: Upgrade to v20.0.3
2020-05-26: Initial revision
This bug was found by Schneider Electric Industry Services