ID

VAR-201109-0172


CVE

CVE-2011-3500


TITLE

Cogent DataHub Directory Traversal Vulnerability

Trust: 1.6

sources: IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3671 // CNNVD: CNNVD-201109-273

DESCRIPTION

Directory traversal vulnerability in the web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in an HTTP request. Cogent DataHub is software for SCADA and automation. The Cogent DataHub server/service uses a custom web server that listens on port 80. The software does not handle the directory traversal sequence correctly. An attacker can exploit the vulnerability to download files on the server. Cogent DataHub is prone to a directory-traversal vulnerability and an information-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cogent DataHub 7.1.1.63 is vulnerable; other versions may also be affected

Trust: 3.78

sources: NVD: CVE-2011-3500 // JVNDB: JVNDB-2011-002277 // CNVD: CNVD-2011-3671 // CNVD: CNVD-2011-3672 // BID: 49610 // IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // VULMON: CVE-2011-3500

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 2.0

sources: IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3671 // CNVD: CNVD-2011-3672

AFFECTED PRODUCTS

vendor:cogentdatahubmodel:cogent datahubscope:eqversion:7.0

Trust: 1.6

vendor:cogentdatahubmodel:cogent datahubscope:eqversion:7.1.1

Trust: 1.6

vendor:cogentdatahubmodel:cogent datahubscope:eqversion:7.1.1.63

Trust: 1.6

vendor:cogentdatahubmodel:cogent datahubscope:eqversion:7.1.0

Trust: 1.6

vendor:cogentdatahubmodel:cogent datahubscope:eqversion:7.0.2

Trust: 1.6

vendor:cogentmodel:real-time systems cogent datahubscope:eqversion:7.1.1.63

Trust: 1.5

vendor:cogentmodel:real-time systemsscope:eqversion:*

Trust: 0.8

vendor:cogentmodel:datahubscope:eqversion:7.1.1.63

Trust: 0.8

vendor:cogent real timemodel:datahubscope:lteversion:7.1.1.63

Trust: 0.8

vendor:cogentmodel:real-time systems opc datahubscope:eqversion:6.0.2

Trust: 0.3

vendor:cogentmodel:real-time systems opc datahubscope:eqversion:6

Trust: 0.3

vendor:cogentmodel:real-time systems cogent datahubscope:eqversion:7

Trust: 0.3

vendor:cogentmodel:real-time systems cascade datahubscope:eqversion:6

Trust: 0.3

vendor:cogentmodel:real-time systems opc datahubscope:neversion:6.4.20

Trust: 0.3

vendor:cogentmodel:real-time systems cogent datahubscope:neversion:7.1.2

Trust: 0.3

vendor:cogentmodel:real-time systems cascade datahubscope:neversion:6.4.20

Trust: 0.3

sources: IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3671 // CNVD: CNVD-2011-3672 // BID: 49610 // JVNDB: JVNDB-2011-002277 // CNNVD: CNNVD-201109-273 // NVD: CVE-2011-3500

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-3500
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-3500
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201109-273
value: MEDIUM

Trust: 0.6

IVD: 845b627e-1f88-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULMON: CVE-2011-3500
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-3500
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IVD: 845b627e-1f88-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // VULMON: CVE-2011-3500 // JVNDB: JVNDB-2011-002277 // CNNVD: CNNVD-201109-273 // NVD: CVE-2011-3500

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2011-002277 // NVD: CVE-2011-3500

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201109-184 // CNNVD: CNNVD-201109-273

TYPE

Path traversal

Trust: 2.0

sources: IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201109-184 // CNNVD: CNNVD-201109-273

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002277

PATCH

title:Top Pageurl:http://www.cogentdatahub.com/

Trust: 0.8

title:Top Pageurl:http://www.cogentdatahub.com/jp/

Trust: 0.8

sources: JVNDB: JVNDB-2011-002277

EXTERNAL IDS

db:NVDid:CVE-2011-3500

Trust: 3.6

db:ICS CERT ALERTid:ICS-ALERT-11-256-03

Trust: 2.5

db:BIDid:49610

Trust: 2.1

db:CNNVDid:CNNVD-201109-273

Trust: 1.4

db:ICS CERTid:ICSA-11-280-01

Trust: 1.1

db:CNVDid:CNVD-2011-3672

Trust: 1.0

db:CNVDid:CNVD-2011-3671

Trust: 1.0

db:JVNDBid:JVNDB-2011-002277

Trust: 0.8

db:CNNVDid:CNNVD-201109-184

Trust: 0.6

db:IVDid:845B627E-1F88-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:A4D2ED7C-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:A4B8C2C6-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:861A1A24-1F88-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULMONid:CVE-2011-3500

Trust: 0.1

sources: IVD: 845b627e-1f88-11e6-abef-000c29c66e3d // IVD: a4d2ed7c-2354-11e6-abef-000c29c66e3d // IVD: a4b8c2c6-2354-11e6-abef-000c29c66e3d // IVD: 861a1a24-1f88-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3671 // CNVD: CNVD-2011-3672 // VULMON: CVE-2011-3500 // BID: 49610 // JVNDB: JVNDB-2011-002277 // CNNVD: CNNVD-201109-184 // CNNVD: CNNVD-201109-273 // NVD: CVE-2011-3500

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-256-03.pdf

Trust: 2.5

url:http://aluigi.altervista.org/adv/cogent_2-adv.txt

Trust: 2.3

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-280-01.pdf

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3500

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3500

Trust: 0.8

url:http://aluigi.altervista.org/adv/cogent_4-adv.txt

Trust: 0.6

url:http://www.securityfocus.com/bid/49610

Trust: 0.6

url:http://www.cogentdatahub.com/products/cogent_datahub.html

Trust: 0.3

url:http://aluigi.org/mytoolz/mydown.zip

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2011-3671 // CNVD: CNVD-2011-3672 // VULMON: CVE-2011-3500 // BID: 49610 // JVNDB: JVNDB-2011-002277 // CNNVD: CNNVD-201109-184 // CNNVD: CNNVD-201109-273 // NVD: CVE-2011-3500

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 49610 // CNNVD: CNNVD-201109-184

SOURCES

db:IVDid:845b627e-1f88-11e6-abef-000c29c66e3d
db:IVDid:a4d2ed7c-2354-11e6-abef-000c29c66e3d
db:IVDid:a4b8c2c6-2354-11e6-abef-000c29c66e3d
db:IVDid:861a1a24-1f88-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-3671
db:CNVDid:CNVD-2011-3672
db:VULMONid:CVE-2011-3500
db:BIDid:49610
db:JVNDBid:JVNDB-2011-002277
db:CNNVDid:CNNVD-201109-184
db:CNNVDid:CNNVD-201109-273
db:NVDid:CVE-2011-3500

LAST UPDATE DATE

2024-08-14T13:49:07.147000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-3671date:2011-09-15T00:00:00
db:CNVDid:CNVD-2011-3672date:2011-09-15T00:00:00
db:VULMONid:CVE-2011-3500date:2011-09-19T00:00:00
db:BIDid:49610date:2011-10-11T16:20:00
db:JVNDBid:JVNDB-2011-002277date:2012-02-03T00:00:00
db:CNNVDid:CNNVD-201109-184date:2011-09-15T00:00:00
db:CNNVDid:CNNVD-201109-273date:2011-09-19T00:00:00
db:NVDid:CVE-2011-3500date:2011-09-19T04:00:00

SOURCES RELEASE DATE

db:IVDid:845b627e-1f88-11e6-abef-000c29c66e3ddate:2011-09-15T00:00:00
db:IVDid:a4d2ed7c-2354-11e6-abef-000c29c66e3ddate:2011-09-15T00:00:00
db:IVDid:a4b8c2c6-2354-11e6-abef-000c29c66e3ddate:2011-09-15T00:00:00
db:IVDid:861a1a24-1f88-11e6-abef-000c29c66e3ddate:2011-09-15T00:00:00
db:CNVDid:CNVD-2011-3671date:2011-09-15T00:00:00
db:CNVDid:CNVD-2011-3672date:2011-09-15T00:00:00
db:VULMONid:CVE-2011-3500date:2011-09-16T00:00:00
db:BIDid:49610date:2011-09-13T00:00:00
db:JVNDBid:JVNDB-2011-002277date:2011-09-30T00:00:00
db:CNNVDid:CNNVD-201109-184date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201109-273date:2011-09-19T00:00:00
db:NVDid:CVE-2011-3500date:2011-09-16T17:26:14.870