Sign-up

ID

VAR-201407-0236


CVE

CVE-2014-2367


TITLE

Advantech WebAccess Remote Authentication Bypass Vulnerability

Trust: 1.7

sources: IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-14-249 // CNVD: CNVD-2014-04531

DESCRIPTION

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. This vulnerability allows remote attackers to bypass authentication requirements on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ChkCookieNoRedir function. By providing arbitrary values to certain fields, an attacker can receive a session authentication cookie despite receiving an error message. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. If you set user, proj, and scada are set and bwuser is true, you can access multiple restricted pages. This may aid in further attacks. Advantech WebAccess 7.1 and prior are vulnerable. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment

Trust: 3.51

sources: NVD: CVE-2014-2367 // JVNDB: JVNDB-2014-003490 // ZDI: ZDI-14-249 // CNVD: CNVD-2014-04531 // BID: 68716 // IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-70306

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-04531

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:eqversion:7.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:5.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:eqversion:6.0

Trust: 1.6

vendor:advantechmodel:webaccessscope:ltversion:7.2

Trust: 1.4

vendor:advantechmodel:webaccessscope:lteversion:7.1

Trust: 1.0

vendor:advantechmodel:webaccessscope: - version: -

Trust: 0.7

vendor:advantechmodel:webaccessscope:eqversion:7.1

Trust: 0.6

vendor:advantech webaccessmodel: - scope:eqversion:5.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:6.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:7.0

Trust: 0.4

vendor:advantech webaccessmodel: - scope:eqversion:*

Trust: 0.4

sources: IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-14-249 // CNVD: CNVD-2014-04531 // JVNDB: JVNDB-2014-003490 // CNNVD: CNNVD-201407-479 // NVD: CVE-2014-2367

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2367
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-2367
value: MEDIUM

Trust: 0.8

ZDI: CVE-2014-2367
value: HIGH

Trust: 0.7

CNVD: CNVD-2014-04531
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201407-479
value: MEDIUM

Trust: 0.6

IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-70306
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-2367
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2014-2367
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2014-04531
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-70306
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // ZDI: ZDI-14-249 // CNVD: CNVD-2014-04531 // VULHUB: VHN-70306 // JVNDB: JVNDB-2014-003490 // CNNVD: CNNVD-201407-479 // NVD: CVE-2014-2367

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-70306 // JVNDB: JVNDB-2014-003490 // NVD: CVE-2014-2367

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201407-479

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201407-479

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-003490

PATCH
title:Downloads ::: WebAccess Softwareurl:http://webaccess.advantech.com/downloads.php?item=software
Trust: 0.8
title:Advantech WebAccessurl:http://webaccess.advantech.com/
Trust: 0.8
title:Advantech has issued an update to correct this vulnerability.url:http://ics-cert.us-cert.gov/advisories/ICSA-14-198-02
Trust: 0.7
title:Advantech WebAccess Remote Verification Bypass Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/47826
Trust: 0.6
sources:
            
            
            ZDI: ZDI-14-249 // 
            
            
            
            CNVD: CNVD-2014-04531 // 
            
            
            
            JVNDB: JVNDB-2014-003490

EXTERNAL IDS
db:NVDid:CVE-2014-2367
Trust: 4.5
db:ICS CERTid:ICSA-14-198-02
Trust: 3.1
db:CNNVDid:CNNVD-201407-479
Trust: 1.1
db:CNVDid:CNVD-2014-04531
Trust: 1.0
db:BIDid:68716
Trust: 1.0
db:JVNDBid:JVNDB-2014-003490
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2079
Trust: 0.7
db:ZDIid:ZDI-14-249
Trust: 0.7
db:IVDid:7D7FC402-463F-11E9-B23E-000C29342CB1
Trust: 0.2
db:IVDid:E4A5D23C-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-70306
Trust: 0.1
sources:
            
            
            IVD: 7d7fc402-463f-11e9-b23e-000c29342cb1 // 
            
            
            
            IVD: e4a5d23c-2351-11e6-abef-000c29c66e3d // 
            
            
            
            ZDI: ZDI-14-249 // 
            
            
            
            CNVD: CNVD-2014-04531 // 
            
            
            
            VULHUB: VHN-70306 // 
            
            
            
            BID: 68716 // 
            
            
            
            JVNDB: JVNDB-2014-003490 // 
            
            
            
            CNNVD: CNNVD-201407-479 // 
            
            
            
            NVD: CVE-2014-2367

REFERENCES
url:http://ics-cert.us-cert.gov/advisories/icsa-14-198-02
Trust: 3.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2367
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2367
Trust: 0.8
sources:
            
            
            ZDI: ZDI-14-249 // 
            
            
            
            CNVD: CNVD-2014-04531 // 
            
            
            
            VULHUB: VHN-70306 // 
            
            
            
            JVNDB: JVNDB-2014-003490 // 
            
            
            
            CNNVD: CNNVD-201407-479 // 
            
            
            
            NVD: CVE-2014-2367

CREDITS
John Leitch
Trust: 0.7
sources:
            
            
            ZDI: ZDI-14-249

SOURCES
db:IVDid:7d7fc402-463f-11e9-b23e-000c29342cb1
db:IVDid:e4a5d23c-2351-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-14-249
db:CNVDid:CNVD-2014-04531
db:VULHUBid:VHN-70306
db:BIDid:68716
db:JVNDBid:JVNDB-2014-003490
db:CNNVDid:CNNVD-201407-479
db:NVDid:CVE-2014-2367

LAST UPDATE DATE
2024-08-14T14:06:29.135000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-14-249date:2014-07-18T00:00:00
db:CNVDid:CNVD-2014-04531date:2014-07-24T00:00:00
db:VULHUBid:VHN-70306date:2014-07-23T00:00:00
db:BIDid:68716date:2014-07-22T00:07:00
db:JVNDBid:JVNDB-2014-003490date:2014-07-22T00:00:00
db:CNNVDid:CNNVD-201407-479date:2014-07-24T00:00:00
db:NVDid:CVE-2014-2367date:2014-07-23T18:47:15.103

SOURCES RELEASE DATE
db:IVDid:7d7fc402-463f-11e9-b23e-000c29342cb1date:2014-07-24T00:00:00
db:IVDid:e4a5d23c-2351-11e6-abef-000c29c66e3ddate:2014-07-24T00:00:00
db:ZDIid:ZDI-14-249date:2014-07-18T00:00:00
db:CNVDid:CNVD-2014-04531date:2014-07-24T00:00:00
db:VULHUBid:VHN-70306date:2014-07-19T00:00:00
db:BIDid:68716date:2014-07-15T00:00:00
db:JVNDBid:JVNDB-2014-003490date:2014-07-22T00:00:00
db:CNNVDid:CNNVD-201407-479date:2014-07-24T00:00:00
db:NVDid:CVE-2014-2367date:2014-07-19T05:09:27.720