Details of VAR-201601-0035

ID

VAR-201601-0035

CVE

CVE-2016-0853

TITLE

Advantech WebAccess Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-001283

DESCRIPTION

Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. WebAccess HMI/SCADA software provides remote control and management, allowing users to easily view and configure automation equipment in facility management systems, power stations and building automation systems. Advantech WebAccess is prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An arbitrary file-upload vulnerability 3. A directory-traversal vulnerability 4. Multiple stack-based buffer-overflow vulnerabilities 5. A heap-based buffer overflow vulnerability 6. Multiple buffer-overflow vulnerabilities 7. Multiple information disclosure vulnerabilities 8. A cross-site scripting vulnerability 9. An SQL-injection vulnerability 10. A cross-site request forgery vulnerability 11. A remote-code execution vulnerability An attacker can exploit these issues to execute arbitrary code in the context of the application, cause a denial-of-service condition, upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, to use directory-traversal sequences ('../') to retrieve arbitrary files, obtain sensitive information and perform certain unauthorized actions. This may aid in further attacks. Advantech WebAccess 8.0 and prior versions are vulnerable. Advantech WebAccess is a browser-based HMI/SCADA software developed by Advantech

Trust: 2.7

sources: NVD: CVE-2016-0853 // JVNDB: JVNDB-2016-001283 // CNVD: CNVD-2016-00433 // BID: 80745 // IVD: 64d87b2c-2351-11e6-abef-000c29c66e3d // VULHUB: VHN-88363

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 64d87b2c-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-00433

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	lt	version:	8.1	Trust: 1.4
vendor:	advantech	model:	webaccess	scope:	lte	version:	8.0	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.0	Trust: 0.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	8	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	eq	version:	7.2	Trust: 0.3
vendor:	advantech	model:	webaccess	scope:	ne	version:	8.1	Trust: 0.3
vendor:	webaccess	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 64d87b2c-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-00433 // BID: 80745 // JVNDB: JVNDB-2016-001283 // CNNVD: CNNVD-201601-326 // NVD: CVE-2016-0853

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-0853
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-0853
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-00433
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201601-326
value:	MEDIUM
Trust: 0.6
IVD:	64d87b2c-2351-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-88363
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-0853
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-00433
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	64d87b2c-2351-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-88363
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-0853
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: IVD: 64d87b2c-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-00433 // VULHUB: VHN-88363 // JVNDB: JVNDB-2016-001283 // CNNVD: CNNVD-201601-326 // NVD: CVE-2016-0853

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-88363 // JVNDB: JVNDB-2016-001283 // NVD: CVE-2016-0853

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-326

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201601-326

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001283

PATCH

title:	Advantech WebAccess	url:	http://www.advantech.com/industrial-automation/webaccess	Trust: 0.8
title:	Patch for Advantech WebAccess Information Disclosure Vulnerability (CNVD-2016-00433)	url:	https://www.cnvd.org.cn/patchInfo/show/70376	Trust: 0.6
title:	Advantech WebAccess Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59644	Trust: 0.6

sources: CNVD: CNVD-2016-00433 // JVNDB: JVNDB-2016-001283 // CNNVD: CNNVD-201601-326

EXTERNAL IDS

db:	NVD	id:	CVE-2016-0853	Trust: 3.6
db:	ICS CERT	id:	ICSA-16-014-01	Trust: 2.8
db:	CNNVD	id:	CNNVD-201601-326	Trust: 0.9
db:	CNVD	id:	CNVD-2016-00433	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-001283	Trust: 0.8
db:	BID	id:	80745	Trust: 0.3
db:	IVD	id:	64D87B2C-2351-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-88363	Trust: 0.1

sources: IVD: 64d87b2c-2351-11e6-abef-000c29c66e3d // CNVD: CNVD-2016-00433 // VULHUB: VHN-88363 // BID: 80745 // JVNDB: JVNDB-2016-001283 // CNNVD: CNNVD-201601-326 // NVD: CVE-2016-0853

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-014-01	Trust: 2.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0853	Trust: 1.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0853	Trust: 0.8
url:	http://webaccess.advantech.com	Trust: 0.3

sources: CNVD: CNVD-2016-00433 // VULHUB: VHN-88363 // BID: 80745 // JVNDB: JVNDB-2016-001283 // CNNVD: CNNVD-201601-326 // NVD: CVE-2016-0853

CREDITS

Ilya Karpov of Positive Technologies, Ivan Sanchez, Andrea Micalizzi, Ariele Caltabiano, Fritz Sands, Steven Seeley, and an anonymous researcher

Trust: 0.3

sources: BID: 80745

SOURCES

db:	IVD	id:	64d87b2c-2351-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2016-00433
db:	VULHUB	id:	VHN-88363
db:	BID	id:	80745
db:	JVNDB	id:	JVNDB-2016-001283
db:	CNNVD	id:	CNNVD-201601-326
db:	NVD	id:	CVE-2016-0853

LAST UPDATE DATE

2024-08-14T13:33:09.005000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-00433	date:	2016-01-25T00:00:00
db:	VULHUB	id:	VHN-88363	date:	2016-01-21T00:00:00
db:	BID	id:	80745	date:	2016-01-14T00:00:00
db:	JVNDB	id:	JVNDB-2016-001283	date:	2016-01-26T00:00:00
db:	CNNVD	id:	CNNVD-201601-326	date:	2016-01-18T00:00:00
db:	NVD	id:	CVE-2016-0853	date:	2016-01-21T16:08:21.623

SOURCES RELEASE DATE

db:	IVD	id:	64d87b2c-2351-11e6-abef-000c29c66e3d	date:	2016-01-25T00:00:00
db:	CNVD	id:	CNVD-2016-00433	date:	2016-01-25T00:00:00
db:	VULHUB	id:	VHN-88363	date:	2016-01-15T00:00:00
db:	BID	id:	80745	date:	2016-01-14T00:00:00
db:	JVNDB	id:	JVNDB-2016-001283	date:	2016-01-26T00:00:00
db:	CNNVD	id:	CNNVD-201601-326	date:	2016-01-18T00:00:00
db:	NVD	id:	CVE-2016-0853	date:	2016-01-15T03:59:15.500