Details of VAR-201703-1056

ID

VAR-201703-1056

CVE

CVE-2017-6182

TITLE

Sophos Web Appliance Command injection vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383

DESCRIPTION

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. Vendors have confirmed this vulnerability NSWA-1304 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The product supports real-time network threat protection, custom web filtering and dynamic control applications. A remote attacker can exploit this vulnerability to inject commands. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application or hijack an arbitrary session and gain unauthorized access to the affected application

Trust: 2.52

sources: NVD: CVE-2017-6182 // JVNDB: JVNDB-2017-002797 // CNVD: CNVD-2017-05239 // BID: 97261 // VULMON: CVE-2017-6182

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-05239

AFFECTED PRODUCTS

vendor:	sophos	model:	web appliance	scope:	lt	version:	4.3.1.2	Trust: 1.4
vendor:	sophos	model:	web appliance	scope:	lte	version:	4.3.1.1	Trust: 1.0
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3.1.1	Trust: 0.6
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.2	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	2.1.18	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.2.1.3	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	4.3.1.2	Trust: 0.3

sources: CNVD: CNVD-2017-05239 // BID: 97261 // JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383 // NVD: CVE-2017-6182

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6182
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-6182
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-05239
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201703-1383
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2017-6182
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6182
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2017-05239
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2017-6182
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-05239 // VULMON: CVE-2017-6182 // JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383 // NVD: CVE-2017-6182

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	CWE-77	Trust: 0.8

sources: JVNDB: JVNDB-2017-002797 // NVD: CVE-2017-6182

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1383

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201703-1383

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-002797

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2017-6182

PATCH

title:	Version 4.3.1.2 Release Notes	url:	http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html	Trust: 0.8
title:	Release of SWA v4.3.1.2	url:	https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Trust: 0.8
title:	Patch for SophosWebAppliance Remote Command Injection Vulnerability (CNVD-2017-05239)	url:	https://www.cnvd.org.cn/patchInfo/show/92641	Trust: 0.6
title:	Sophos Web Appliance Fixes for command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68890	Trust: 0.6

sources: CNVD: CNVD-2017-05239 // JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6182	Trust: 3.4
db:	BID	id:	97261	Trust: 2.6
db:	EXPLOIT-DB	id:	42332	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-002797	Trust: 0.8
db:	CNVD	id:	CNVD-2017-05239	Trust: 0.6
db:	CNNVD	id:	CNNVD-201703-1383	Trust: 0.6
db:	VULMON	id:	CVE-2017-6182	Trust: 0.1

sources: CNVD: CNVD-2017-05239 // VULMON: CVE-2017-6182 // BID: 97261 // JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383 // NVD: CVE-2017-6182

REFERENCES

url:	http://wsa.sophos.com/rn/swa/concepts/releasenotes_4.3.1.2.html	Trust: 2.6
url:	http://www.securityfocus.com/bid/97261	Trust: 2.4
url:	https://www.exploit-db.com/exploits/42332/	Trust: 1.8
url:	https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6182	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6182	Trust: 0.8
url:	http://www.splunk.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2017-05239 // VULMON: CVE-2017-6182 // BID: 97261 // JVNDB: JVNDB-2017-002797 // CNNVD: CNNVD-201703-1383 // NVD: CVE-2017-6182

CREDITS

Russell Sanford, Kapil Khot and Russell Sanford.

Trust: 0.3

sources: BID: 97261

SOURCES

db:	CNVD	id:	CNVD-2017-05239
db:	VULMON	id:	CVE-2017-6182
db:	BID	id:	97261
db:	JVNDB	id:	JVNDB-2017-002797
db:	CNNVD	id:	CNNVD-201703-1383
db:	NVD	id:	CVE-2017-6182

LAST UPDATE DATE

2024-11-23T22:13:08.573000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05239	date:	2017-04-24T00:00:00
db:	VULMON	id:	CVE-2017-6182	date:	2019-10-03T00:00:00
db:	BID	id:	97261	date:	2017-04-04T00:02:00
db:	JVNDB	id:	JVNDB-2017-002797	date:	2017-04-28T00:00:00
db:	CNNVD	id:	CNNVD-201703-1383	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-6182	date:	2024-11-21T03:29:12.130

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-05239	date:	2017-04-24T00:00:00
db:	VULMON	id:	CVE-2017-6182	date:	2017-03-30T00:00:00
db:	BID	id:	97261	date:	2017-03-31T00:00:00
db:	JVNDB	id:	JVNDB-2017-002797	date:	2017-04-28T00:00:00
db:	CNNVD	id:	CNNVD-201703-1383	date:	2017-03-31T00:00:00
db:	NVD	id:	CVE-2017-6182	date:	2017-03-30T17:59:00.213