Details of VAR-201503-0062

ID

VAR-201503-0062

CVE

CVE-2015-0997

TITLE

Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities that gain access

Trust: 0.8

sources: JVNDB: JVNDB-2015-001994

DESCRIPTION

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Attackers can exploit this issue to bypass the authentication mechanism and log in to another user's account. The following products are affected: InduSoft Web Studio 7.1.3.2 and prior. InTouch Machine Edition 7.1.3.2 and prior. This product provides HMI clients with read, write tag and event monitoring capabilities. The vulnerability stems from the fact that the HMI user interface provided by the program contains all valid user names

Trust: 2.88

sources: NVD: CVE-2015-0997 // JVNDB: JVNDB-2015-001994 // CNVD: CNVD-2015-02058 // BID: 73386 // IVD: 7d7f27c0-463f-11e9-8224-000c29342cb1 // IVD: 9a4b4f32-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-78943

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 7d7f27c0-463f-11e9-8224-000c29342cb1 // IVD: 9a4b4f32-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-02058

AFFECTED PRODUCTS

vendor:	schneider electric	model:	indusoft web studio	scope:	eq	version:	7.1	Trust: 1.2
vendor:	schneider electric	model:	wonderware intouch 2014	scope:	lt	version:	7.1	Trust: 1.0
vendor:	aveva	model:	edge	scope:	lt	version:	7.1.3.4	Trust: 1.0
vendor:	schneider electric	model:	indusoft web studio	scope:	lt	version:	7.1.3.4 sp3 patch 4	Trust: 0.8
vendor:	schneider electric	model:	intouch machine edition 2014	scope:	lt	version:	7.1.3.4 sp3 patch 4	Trust: 0.8
vendor:	schneider	model:	electric indusoft web studio sp3 patch	scope:	lt	version:	7.1.3.44	Trust: 0.6
vendor:	schneider	model:	electric intouch machine edition sp3 patch	scope:	eq	version:	2014(<7.1.3.44)	Trust: 0.6
vendor:	schneider electric	model:	wonderware intouch 2014	scope:	eq	version:	7.1	Trust: 0.6
vendor:	indusoft web studio	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	wonderware intouch 2014	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	schneider electric	model:	intouch machine edition	scope:	eq	version:	20147.1.3.2	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio	scope:	eq	version:	7.1.3.2	Trust: 0.3
vendor:	schneider electric	model:	indusoft web studio sp patch	scope:	ne	version:	7.1.3.434	Trust: 0.3

sources: IVD: 7d7f27c0-463f-11e9-8224-000c29342cb1 // IVD: 9a4b4f32-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-02058 // BID: 73386 // JVNDB: JVNDB-2015-001994 // CNNVD: CNNVD-201503-616 // NVD: CVE-2015-0997

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0997
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-0997
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2015-02058
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201503-616
value:	MEDIUM
Trust: 0.6
IVD:	7d7f27c0-463f-11e9-8224-000c29342cb1
value:	MEDIUM
Trust: 0.2
IVD:	9a4b4f32-2351-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-78943
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-0997
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-02058
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d7f27c0-463f-11e9-8224-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	9a4b4f32-2351-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-78943
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 7d7f27c0-463f-11e9-8224-000c29342cb1 // IVD: 9a4b4f32-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-02058 // VULHUB: VHN-78943 // JVNDB: JVNDB-2015-001994 // CNNVD: CNNVD-201503-616 // NVD: CVE-2015-0997

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-78943 // JVNDB: JVNDB-2015-001994 // NVD: CVE-2015-0997

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201503-616

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201503-616

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001994

PATCH

title:	InTouch Machine Edition 2014 Vulnerabilities	url:	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02	Trust: 0.8
title:	InduSoft Web Studi Vulnerabilities	url:	http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01	Trust: 0.8
title:	\302\240\302\240\302\240\302\240\302\240Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02058)	url:	https://www.cnvd.org.cn/patchInfo/show/56786	Trust: 0.6
title:	IWS71.3.4	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647	Trust: 0.6

sources: CNVD: CNVD-2015-02058 // JVNDB: JVNDB-2015-001994 // CNNVD: CNNVD-201503-616

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0997	Trust: 3.8
db:	ICS CERT	id:	ICSA-15-085-01	Trust: 2.8
db:	SCHNEIDER	id:	SEVD-2015-054-01	Trust: 2.3
db:	SCHNEIDER	id:	SEVD-2015-054-02	Trust: 1.7
db:	CNNVD	id:	CNNVD-201503-616	Trust: 1.1
db:	CNVD	id:	CNVD-2015-02058	Trust: 1.0
db:	JVNDB	id:	JVNDB-2015-001994	Trust: 0.8
db:	BID	id:	73386	Trust: 0.4
db:	IVD	id:	7D7F27C0-463F-11E9-8224-000C29342CB1	Trust: 0.2
db:	IVD	id:	9A4B4F32-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-78943	Trust: 0.1

sources: IVD: 7d7f27c0-463f-11e9-8224-000c29342cb1 // IVD: 9a4b4f32-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2015-02058 // VULHUB: VHN-78943 // BID: 73386 // JVNDB: JVNDB-2015-001994 // CNNVD: CNNVD-201503-616 // NVD: CVE-2015-0997

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-15-085-01	Trust: 2.8
url:	http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01	Trust: 2.3
url:	http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0997	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0997	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2015-02058 // VULHUB: VHN-78943 // BID: 73386 // JVNDB: JVNDB-2015-001994 // CNNVD: CNNVD-201503-616 // NVD: CVE-2015-0997

CREDITS

Gleb Gritsai, Ilya Karpov, Kirill Nesterov, and Alisa Esage Shevcheckno

Trust: 0.3

sources: BID: 73386

SOURCES

db:	IVD	id:	7d7f27c0-463f-11e9-8224-000c29342cb1
db:	IVD	id:	9a4b4f32-2351-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2015-02058
db:	VULHUB	id:	VHN-78943
db:	BID	id:	73386
db:	JVNDB	id:	JVNDB-2015-001994
db:	CNNVD	id:	CNNVD-201503-616
db:	NVD	id:	CVE-2015-0997

LAST UPDATE DATE

2024-11-23T22:01:52.843000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-02058	date:	2015-03-31T00:00:00
db:	VULHUB	id:	VHN-78943	date:	2018-10-30T00:00:00
db:	BID	id:	73386	date:	2015-03-26T00:00:00
db:	JVNDB	id:	JVNDB-2015-001994	date:	2015-04-01T00:00:00
db:	CNNVD	id:	CNNVD-201503-616	date:	2021-05-18T00:00:00
db:	NVD	id:	CVE-2015-0997	date:	2024-11-21T02:24:06.437

SOURCES RELEASE DATE

db:	IVD	id:	7d7f27c0-463f-11e9-8224-000c29342cb1	date:	2015-03-31T00:00:00
db:	IVD	id:	9a4b4f32-2351-11e6-abef-000c29c66e3d	date:	2015-03-31T00:00:00
db:	CNVD	id:	CNVD-2015-02058	date:	2015-03-31T00:00:00
db:	VULHUB	id:	VHN-78943	date:	2015-03-29T00:00:00
db:	BID	id:	73386	date:	2015-03-26T00:00:00
db:	JVNDB	id:	JVNDB-2015-001994	date:	2015-04-01T00:00:00
db:	CNNVD	id:	CNNVD-201503-616	date:	2015-03-30T00:00:00
db:	NVD	id:	CVE-2015-0997	date:	2015-03-29T10:59:06.647