Details of VAR-201705-2332

ID

VAR-201705-2332

CVE

CVE-2016-5810

TITLE

Advantech WebAccess of upAdminPg.asp Vulnerable to obtaining important password information

Trust: 0.8

sources: JVNDB: JVNDB-2016-008542

DESCRIPTION

upAdminPg.asp in Advantech WebAccess before 8.1_20160519 allows remote authenticated administrators to obtain sensitive password information via unspecified vectors. Authentication is required to exploit this vulnerability.The specific flaw exists within upAdminPg.asp. One project administrator can view other project administrators' passwords along with the system administrator's password. An attacker can leverage this vulnerability to escalate privileges within the system. Advantech WebAccess (formerly known as BroadWin WebAccess) is a suite of browser-based HMI/SCADA software from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. ActiveX is one of the components used to transmit dynamic images in surveillance. A version of ActiveX prior to Advantech WebAccess 8.1_20160519 has a security vulnerability. An attacker could exploit the vulnerability to insert or run arbitrary code on an affected system

Trust: 3.06

sources: NVD: CVE-2016-5810 // JVNDB: JVNDB-2016-008542 // ZDI: ZDI-16-429 // CNVD: CNVD-2016-10506 // IVD: 29796eef-56cd-4ee0-aefc-005c9ec1b53a // VULHUB: VHN-94629

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 29796eef-56cd-4ee0-aefc-005c9ec1b53a // CNVD: CNVD-2016-10506

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess	scope:	lte	version:	8.1	Trust: 1.0
vendor:	advantech	model:	webaccess	scope:	lt	version:	8.1_20160519	Trust: 0.8
vendor:	advantech	model:	webaccess	scope:	-	version:	-	Trust: 0.7
vendor:	advantech	model:	webaccess <8.1 20160519	scope:	-	version:	-	Trust: 0.6
vendor:	advantech	model:	webaccess	scope:	eq	version:	8.1	Trust: 0.6
vendor:	webaccess	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 29796eef-56cd-4ee0-aefc-005c9ec1b53a // ZDI: ZDI-16-429 // CNVD: CNVD-2016-10506 // JVNDB: JVNDB-2016-008542 // CNNVD: CNNVD-201610-867 // NVD: CVE-2016-5810

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-5810
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-5810
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2016-5810
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2016-10506
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201610-867
value:	MEDIUM
Trust: 0.6
IVD:	29796eef-56cd-4ee0-aefc-005c9ec1b53a
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-94629
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-5810
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2016-5810
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2016-10506
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	29796eef-56cd-4ee0-aefc-005c9ec1b53a
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-94629
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-5810
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: IVD: 29796eef-56cd-4ee0-aefc-005c9ec1b53a // ZDI: ZDI-16-429 // CNVD: CNVD-2016-10506 // VULHUB: VHN-94629 // JVNDB: JVNDB-2016-008542 // CNNVD: CNNVD-201610-867 // NVD: CVE-2016-5810

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-94629 // JVNDB: JVNDB-2016-008542 // NVD: CVE-2016-5810

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-867

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201610-867

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-008542

PATCH

title:	Advantech WebAccess	url:	http://www.advantech.com/industrial-automation/webaccess	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-16-173-01	Trust: 0.7
title:	Advantech WebAccess ActiveX vulnerable patch	url:	https://www.cnvd.org.cn/patchInfo/show/83391	Trust: 0.6
title:	Advantech WebAccess ActiveX Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65188	Trust: 0.6

sources: ZDI: ZDI-16-429 // CNVD: CNVD-2016-10506 // JVNDB: JVNDB-2016-008542 // CNNVD: CNNVD-201610-867

EXTERNAL IDS

db:	NVD	id:	CVE-2016-5810	Trust: 4.0
db:	ICS CERT	id:	ICSA-16-173-01	Trust: 3.1
db:	ZDI	id:	ZDI-16-429	Trust: 2.4
db:	CNNVD	id:	CNNVD-201610-867	Trust: 0.9
db:	CNVD	id:	CNVD-2016-10506	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-008542	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3746	Trust: 0.7
db:	IVD	id:	29796EEF-56CD-4EE0-AEFC-005C9EC1B53A	Trust: 0.2
db:	VULHUB	id:	VHN-94629	Trust: 0.1

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-173-01	Trust: 3.8
url:	http://www.zerodayinitiative.com/advisories/zdi-16-429	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5810	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5810	Trust: 0.8

sources: ZDI: ZDI-16-429 // CNVD: CNVD-2016-10506 // VULHUB: VHN-94629 // JVNDB: JVNDB-2016-008542 // CNNVD: CNNVD-201610-867 // NVD: CVE-2016-5810

CREDITS

Zhou Yu

Trust: 0.7

sources: ZDI: ZDI-16-429

SOURCES

db:	IVD	id:	29796eef-56cd-4ee0-aefc-005c9ec1b53a
db:	ZDI	id:	ZDI-16-429
db:	CNVD	id:	CNVD-2016-10506
db:	VULHUB	id:	VHN-94629
db:	JVNDB	id:	JVNDB-2016-008542
db:	CNNVD	id:	CNNVD-201610-867
db:	NVD	id:	CVE-2016-5810

LAST UPDATE DATE

2024-08-14T14:51:59.020000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-16-429	date:	2016-07-18T00:00:00
db:	CNVD	id:	CNVD-2016-10506	date:	2016-11-02T00:00:00
db:	VULHUB	id:	VHN-94629	date:	2017-05-11T00:00:00
db:	JVNDB	id:	JVNDB-2016-008542	date:	2017-06-02T00:00:00
db:	CNNVD	id:	CNNVD-201610-867	date:	2017-05-03T00:00:00
db:	NVD	id:	CVE-2016-5810	date:	2017-05-11T16:36:48.103

SOURCES RELEASE DATE

db:	IVD	id:	29796eef-56cd-4ee0-aefc-005c9ec1b53a	date:	2016-11-02T00:00:00
db:	ZDI	id:	ZDI-16-429	date:	2016-07-18T00:00:00
db:	CNVD	id:	CNVD-2016-10506	date:	2016-11-02T00:00:00
db:	VULHUB	id:	VHN-94629	date:	2017-05-02T00:00:00
db:	JVNDB	id:	JVNDB-2016-008542	date:	2017-06-02T00:00:00
db:	CNNVD	id:	CNNVD-201610-867	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-5810	date:	2017-05-02T14:59:00.487