Details of VAR-201708-1509

ID

VAR-201708-1509

CVE

CVE-2017-6872

TITLE

Siemens OZW672 and OZW772 Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2017-007020

DESCRIPTION

A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device. Siemens OZW672 and OZW772 Contains vulnerabilities related to authorization, permissions, and access control.Information may be obtained and information may be altered. Both Siemens OZW672 and OZW772 are building controller products from Siemens AG. There are data read and write vulnerabilities in Siemens OZW672 and OZW772. An attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may aid in further attacks. A security vulnerability exists in Siemens OZW672 and OZW772 devices

Trust: 2.7

sources: NVD: CVE-2017-6872 // JVNDB: JVNDB-2017-007020 // CNVD: CNVD-2017-12867 // BID: 99473 // IVD: 7002627a-a56c-43fd-b57e-9336b0866e9e // VULHUB: VHN-115075

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: 7002627a-a56c-43fd-b57e-9336b0866e9e // CNVD: CNVD-2017-12867

AFFECTED PRODUCTS

vendor:	siemens	model:	ozw772	scope:	eq	version:	-	Trust: 1.6
vendor:	siemens	model:	ozw672	scope:	eq	version:	-	Trust: 1.6
vendor:	siemens	model:	ozw772	scope:	-	version:	-	Trust: 1.4
vendor:	siemens	model:	ozw672	scope:	-	version:	-	Trust: 1.4
vendor:	siemens	model:	ozw772	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	ozw672	scope:	eq	version:	0	Trust: 0.3
vendor:	ozw772	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	ozw672	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: 7002627a-a56c-43fd-b57e-9336b0866e9e // CNVD: CNVD-2017-12867 // BID: 99473 // JVNDB: JVNDB-2017-007020 // CNNVD: CNNVD-201703-625 // NVD: CVE-2017-6872

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6872
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-6872
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-12867
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201703-625
value:	MEDIUM
Trust: 0.6
IVD:	7002627a-a56c-43fd-b57e-9336b0866e9e
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-115075
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6872
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-12867
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7002627a-a56c-43fd-b57e-9336b0866e9e
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-115075
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6872
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.5
version:	3.0
Trust: 1.8

sources: IVD: 7002627a-a56c-43fd-b57e-9336b0866e9e // CNVD: CNVD-2017-12867 // VULHUB: VHN-115075 // JVNDB: JVNDB-2017-007020 // CNNVD: CNNVD-201703-625 // NVD: CVE-2017-6872

PROBLEMTYPE DATA

problemtype:	CWE-668	Trust: 1.1
problemtype:	CWE-306	Trust: 1.0
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-115075 // JVNDB: JVNDB-2017-007020 // NVD: CVE-2017-6872

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-625

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201703-625

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007020

PATCH

title:	SSA-563539	url:	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-563539.pdf	Trust: 0.8
title:	Patch for SiemensOZW672 and OZW772 data read and write vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/97346	Trust: 0.6

sources: CNVD: CNVD-2017-12867 // JVNDB: JVNDB-2017-007020

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6872	Trust: 3.6
db:	SIEMENS	id:	SSA-563539	Trust: 2.6
db:	BID	id:	99473	Trust: 2.0
db:	CNNVD	id:	CNNVD-201703-625	Trust: 0.9
db:	CNVD	id:	CNVD-2017-12867	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-007020	Trust: 0.8
db:	ICS CERT	id:	ICSA-17-187-01	Trust: 0.3
db:	IVD	id:	7002627A-A56C-43FD-B57E-9336B0866E9E	Trust: 0.2
db:	VULHUB	id:	VHN-115075	Trust: 0.1

sources: IVD: 7002627a-a56c-43fd-b57e-9336b0866e9e // CNVD: CNVD-2017-12867 // VULHUB: VHN-115075 // BID: 99473 // JVNDB: JVNDB-2017-007020 // CNNVD: CNNVD-201703-625 // NVD: CVE-2017-6872

REFERENCES

url:	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-563539.pdf	Trust: 2.6
url:	http://www.securityfocus.com/bid/99473	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6872	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6872	Trust: 0.8
url:	http://subscriber.communications.siemens.com/	Trust: 0.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-187-01	Trust: 0.3

sources: CNVD: CNVD-2017-12867 // VULHUB: VHN-115075 // BID: 99473 // JVNDB: JVNDB-2017-007020 // CNNVD: CNNVD-201703-625 // NVD: CVE-2017-6872

CREDITS

Stefan Viehböck from SEC Consult.

Trust: 0.3

sources: BID: 99473

SOURCES

db:	IVD	id:	7002627a-a56c-43fd-b57e-9336b0866e9e
db:	CNVD	id:	CNVD-2017-12867
db:	VULHUB	id:	VHN-115075
db:	BID	id:	99473
db:	JVNDB	id:	JVNDB-2017-007020
db:	CNNVD	id:	CNNVD-201703-625
db:	NVD	id:	CVE-2017-6872

LAST UPDATE DATE

2024-11-23T21:40:29.796000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-12867	date:	2017-07-05T00:00:00
db:	VULHUB	id:	VHN-115075	date:	2019-10-09T00:00:00
db:	BID	id:	99473	date:	2017-07-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-007020	date:	2017-09-08T00:00:00
db:	CNNVD	id:	CNNVD-201703-625	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-6872	date:	2024-11-21T03:30:42.320

SOURCES RELEASE DATE

db:	IVD	id:	7002627a-a56c-43fd-b57e-9336b0866e9e	date:	2017-07-05T00:00:00
db:	CNVD	id:	CNVD-2017-12867	date:	2017-07-05T00:00:00
db:	VULHUB	id:	VHN-115075	date:	2017-08-08T00:00:00
db:	BID	id:	99473	date:	2017-07-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-007020	date:	2017-09-08T00:00:00
db:	CNNVD	id:	CNNVD-201703-625	date:	2017-03-16T00:00:00
db:	NVD	id:	CVE-2017-6872	date:	2017-08-08T00:29:00.290