Details of VAR-201510-0443

ID

VAR-201510-0443

CVE

CVE-2015-0987

TITLE

plural Omron Vulnerabilities in which important information is obtained in products

Trust: 0.8

sources: JVNDB: JVNDB-2015-005092

DESCRIPTION

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. Multiple Omron Corporation products are prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to perform unauthorized actions by conducting a man-in-the-middle attack. This may lead to other attacks. The following products are vulnerable: Versions prior to CX-Programmer software 9.6 Versions prior to CJ2M Series PLC 2.1 Versions prior to CJ2H Series PLC 1.5. Omron CX-One CX-Programmer, CJ2M PLC and CJ2H PLC are all products of Japan Omron Corporation. CX-Programmer is a set of programs in the CX-One software suite for configuring programmable devices. The vulnerability is caused by the password that the program transmits in clear text

Trust: 2.25

sources: NVD: CVE-2015-0987 // JVNDB: JVNDB-2015-005092 // BID: 76938 // IVD: 708dca44-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-78933 // VULMON: CVE-2015-0987

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.2

sources: IVD: 708dca44-2351-11e6-abef-000c29c66e3d

AFFECTED PRODUCTS

vendor:	omron	model:	cx-programmer	scope:	lte	version:	9.5	Trust: 1.0
vendor:	omron	model:	cj2h plc	scope:	lte	version:	1.4	Trust: 1.0
vendor:	omron	model:	cj2m plc	scope:	lte	version:	2.0	Trust: 1.0
vendor:	omron	model:	cj2h plc	scope:	lt	version:	1.5	Trust: 0.8
vendor:	omron	model:	cj2m plc	scope:	lt	version:	2.1	Trust: 0.8
vendor:	omron	model:	cx-programmer	scope:	lt	version:	9.6	Trust: 0.8
vendor:	omron	model:	cx-programmer	scope:	eq	version:	9.5	Trust: 0.6
vendor:	omron	model:	cj2m plc	scope:	eq	version:	2.0	Trust: 0.6
vendor:	omron	model:	cj2h plc	scope:	eq	version:	1.4	Trust: 0.6
vendor:	omron	model:	cx-programmer software	scope:	eq	version:	0	Trust: 0.3
vendor:	omron	model:	cj2m series plc	scope:	eq	version:	0	Trust: 0.3
vendor:	omron	model:	cj2h series plc	scope:	eq	version:	0	Trust: 0.3
vendor:	omron	model:	cx-programmer software	scope:	ne	version:	9.6	Trust: 0.3
vendor:	omron	model:	cj2m series plc	scope:	ne	version:	2.1	Trust: 0.3
vendor:	omron	model:	cj2h series plc	scope:	ne	version:	1.5	Trust: 0.3
vendor:	cx programmer	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	cj2h plc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	cj2m plc	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 708dca44-2351-11e6-abef-000c29c66e3d // BID: 76938 // JVNDB: JVNDB-2015-005092 // CNNVD: CNNVD-201510-028 // NVD: CVE-2015-0987

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0987
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-0987
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201510-028
value:	MEDIUM
Trust: 0.6
IVD:	708dca44-2351-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-78933
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-0987
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-0987
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
IVD:	708dca44-2351-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-78933
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 708dca44-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-78933 // VULMON: CVE-2015-0987 // JVNDB: JVNDB-2015-005092 // CNNVD: CNNVD-201510-028 // NVD: CVE-2015-0987

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-78933 // JVNDB: JVNDB-2015-005092 // NVD: CVE-2015-0987

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-028

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201510-028

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005092

PATCH

title:	CX-Programmer	url:	https://industrial.omron.us/en/products/catalogue/automation_systems/software/programming/cx-one/default.html	Trust: 0.8
title:	【お知らせ】弊社プログラマブルコントローラ CJシリーズの「UM読出プロテクト機能」に使用しているパスワード保護機能の強化について	url:	http://www.fa.omron.co.jp/product/special/security_plc/index.html	Trust: 0.8

sources: JVNDB: JVNDB-2015-005092

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0987	Trust: 3.1
db:	ICS CERT	id:	ICSA-15-274-01	Trust: 2.9
db:	CNNVD	id:	CNNVD-201510-028	Trust: 0.9
db:	JVN	id:	JVNVU99817917	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-005092	Trust: 0.8
db:	BID	id:	76938	Trust: 0.5
db:	IVD	id:	708DCA44-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-78933	Trust: 0.1
db:	VULMON	id:	CVE-2015-0987	Trust: 0.1

sources: IVD: 708dca44-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-78933 // VULMON: CVE-2015-0987 // BID: 76938 // JVNDB: JVNDB-2015-005092 // CNNVD: CNNVD-201510-028 // NVD: CVE-2015-0987

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-15-274-01	Trust: 2.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0987	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu99817917/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0987	Trust: 0.8
url:	https://industrial.omron.us/en/home	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-15-274-01	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://www.securityfocus.com/bid/76938	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/windows-hotfix-ms16-036	Trust: 0.1

sources: VULHUB: VHN-78933 // VULMON: CVE-2015-0987 // BID: 76938 // JVNDB: JVNDB-2015-005092 // CNNVD: CNNVD-201510-028 // NVD: CVE-2015-0987

CREDITS

Stephen Dunlap

Trust: 0.3

sources: BID: 76938

SOURCES

db:	IVD	id:	708dca44-2351-11e6-abef-000c29c66e3d
db:	VULHUB	id:	VHN-78933
db:	VULMON	id:	CVE-2015-0987
db:	BID	id:	76938
db:	JVNDB	id:	JVNDB-2015-005092
db:	CNNVD	id:	CNNVD-201510-028
db:	NVD	id:	CVE-2015-0987

LAST UPDATE DATE

2024-11-23T21:43:44.253000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-78933	date:	2015-10-07T00:00:00
db:	VULMON	id:	CVE-2015-0987	date:	2015-10-07T00:00:00
db:	BID	id:	76938	date:	2015-10-01T00:00:00
db:	JVNDB	id:	JVNDB-2015-005092	date:	2015-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201510-028	date:	2015-10-09T00:00:00
db:	NVD	id:	CVE-2015-0987	date:	2024-11-21T02:24:05.297

SOURCES RELEASE DATE

db:	IVD	id:	708dca44-2351-11e6-abef-000c29c66e3d	date:	2015-10-09T00:00:00
db:	VULHUB	id:	VHN-78933	date:	2015-10-06T00:00:00
db:	VULMON	id:	CVE-2015-0987	date:	2015-10-06T00:00:00
db:	BID	id:	76938	date:	2015-10-01T00:00:00
db:	JVNDB	id:	JVNDB-2015-005092	date:	2015-10-07T00:00:00
db:	CNNVD	id:	CNNVD-201510-028	date:	2015-10-09T00:00:00
db:	NVD	id:	CVE-2015-0987	date:	2015-10-06T01:59:03.657