Sign-up

ID

VAR-201702-0673


CVE

CVE-2017-5152


TITLE

Advantech WebAccess Security Bypass Vulnerability

Trust: 0.8

sources: IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // CNVD: CNVD-2017-00552

DESCRIPTION

An issue was discovered in Advantech WebAccess Version 8.1. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access pages unrestricted (AUTHENTICATION BYPASS). This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess (formerly known as BroadWinWebAccess) is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A security bypass vulnerability exists in Advantech WebAccess version 8.1. An attacker could exploit the vulnerability to bypass certain security restrictions and perform unauthorized operations. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. WebAccess 8.1 is vulnerable; other versions may also be affected

Trust: 3.33

sources: NVD: CVE-2017-5152 // JVNDB: JVNDB-2017-001615 // ZDI: ZDI-17-043 // CNVD: CNVD-2017-00552 // BID: 95410 // IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // VULHUB: VHN-113355

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // CNVD: CNVD-2017-00552

AFFECTED PRODUCTS

vendor:advantechmodel:webaccessscope:eqversion:8.1

Trust: 3.3

vendor:advantechmodel:webaccessscope: - version: -

Trust: 0.7

vendor:advantechmodel:webaccessscope:neversion:8.2

Trust: 0.3

vendor:webaccessmodel: - scope:eqversion:8.1

Trust: 0.2

sources: IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // ZDI: ZDI-17-043 // CNVD: CNVD-2017-00552 // BID: 95410 // JVNDB: JVNDB-2017-001615 // CNNVD: CNNVD-201701-327 // NVD: CVE-2017-5152

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-5152
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-5152
value: CRITICAL

Trust: 0.8

ZDI: CVE-2017-5152
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2017-00552
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201701-327
value: MEDIUM

Trust: 0.6

IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a
value: MEDIUM

Trust: 0.2

VULHUB: VHN-113355
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-5152
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-5152
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2017-00552
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-113355
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-5152
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // ZDI: ZDI-17-043 // CNVD: CNVD-2017-00552 // VULHUB: VHN-113355 // JVNDB: JVNDB-2017-001615 // CNNVD: CNNVD-201701-327 // NVD: CVE-2017-5152

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-113355 // JVNDB: JVNDB-2017-001615 // NVD: CVE-2017-5152

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201701-327

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201701-327

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-001615

PATCH
title:Advantech WebAccessurl:http://www.advantech.com/industrial-automation/webaccess
Trust: 0.8
title:Advantech has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-17-012-01
Trust: 0.7
title:Advantech WebAccess Security Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/88105
Trust: 0.6
title:Advantech WebAccess Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66986
Trust: 0.6
sources:
            
            
            ZDI: ZDI-17-043 // 
            
            
            
            CNVD: CNVD-2017-00552 // 
            
            
            
            JVNDB: JVNDB-2017-001615 // 
            
            
            
            CNNVD: CNNVD-201701-327

EXTERNAL IDS
db:NVDid:CVE-2017-5152
Trust: 4.3
db:ICS CERTid:ICSA-17-012-01
Trust: 3.4
db:BIDid:95410
Trust: 2.0
db:ZDIid:ZDI-17-043
Trust: 1.6
db:TENABLEid:TRA-2017-04
Trust: 1.1
db:CNNVDid:CNNVD-201701-327
Trust: 0.9
db:CNVDid:CNVD-2017-00552
Trust: 0.8
db:JVNDBid:JVNDB-2017-001615
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-3679
Trust: 0.7
db:IVDid:EC77C86B-3355-445C-A5A5-7138437A8D7A
Trust: 0.2
db:VULHUBid:VHN-113355
Trust: 0.1
sources:
            
            
            IVD: ec77c86b-3355-445c-a5a5-7138437a8d7a // 
            
            
            
            ZDI: ZDI-17-043 // 
            
            
            
            CNVD: CNVD-2017-00552 // 
            
            
            
            VULHUB: VHN-113355 // 
            
            
            
            BID: 95410 // 
            
            
            
            JVNDB: JVNDB-2017-001615 // 
            
            
            
            CNNVD: CNNVD-201701-327 // 
            
            
            
            NVD: CVE-2017-5152

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-17-012-01
Trust: 3.8
url:http://www.securityfocus.com/bid/95410
Trust: 1.1
url:https://www.tenable.com/security/research/tra-2017-04
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5152
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5152
Trust: 0.8
url:http://www.zerodayinitiative.com/advisories/zdi-17-043/
Trust: 0.6
url:http://webaccess.advantech.com
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-17-043/ 
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 
Trust: 0.3
sources:
            
            
            ZDI: ZDI-17-043 // 
            
            
            
            CNVD: CNVD-2017-00552 // 
            
            
            
            VULHUB: VHN-113355 // 
            
            
            
            BID: 95410 // 
            
            
            
            JVNDB: JVNDB-2017-001615 // 
            
            
            
            CNNVD: CNNVD-201701-327 // 
            
            
            
            NVD: CVE-2017-5152

CREDITS
Tenable Network Security
Trust: 1.0
sources:
            
            
            ZDI: ZDI-17-043 // 
            
            
            
            BID: 95410

SOURCES
db:IVDid:ec77c86b-3355-445c-a5a5-7138437a8d7a
db:ZDIid:ZDI-17-043
db:CNVDid:CNVD-2017-00552
db:VULHUBid:VHN-113355
db:BIDid:95410
db:JVNDBid:JVNDB-2017-001615
db:CNNVDid:CNNVD-201701-327
db:NVDid:CVE-2017-5152

LAST UPDATE DATE
2024-08-14T13:56:59.989000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-17-043date:2017-01-12T00:00:00
db:CNVDid:CNVD-2017-00552date:2017-01-18T00:00:00
db:VULHUBid:VHN-113355date:2017-11-03T00:00:00
db:BIDid:95410date:2017-01-23T04:05:00
db:JVNDBid:JVNDB-2017-001615date:2017-03-08T00:00:00
db:CNNVDid:CNNVD-201701-327date:2017-01-13T00:00:00
db:NVDid:CVE-2017-5152date:2017-11-03T01:29:07.687

SOURCES RELEASE DATE
db:IVDid:ec77c86b-3355-445c-a5a5-7138437a8d7adate:2017-01-18T00:00:00
db:ZDIid:ZDI-17-043date:2017-01-12T00:00:00
db:CNVDid:CNVD-2017-00552date:2017-01-18T00:00:00
db:VULHUBid:VHN-113355date:2017-02-13T00:00:00
db:BIDid:95410date:2017-01-12T00:00:00
db:JVNDBid:JVNDB-2017-001615date:2017-03-08T00:00:00
db:CNNVDid:CNNVD-201701-327date:2017-01-13T00:00:00
db:NVDid:CVE-2017-5152date:2017-02-13T21:59:02.643