Sign-up

ID

VAR-201712-0125


CVE

CVE-2017-3185


TITLE

ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#355151

DESCRIPTION

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC have a web application that uses the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources. According to the reporter, ACTi devices including D, B, I, and E series models using firmware version A1D-500-V6.11.31-AC are vulnerable to several issues. According to the reporter, ACTi Of the camera products provided by version A1D-500-V6.11.31-AC There are problems with multiple series using. The problem of lack of authentication for important functions (CWE-306) - CVE-2017-3184 These products do not have proper access restrictions for the configuration initialization function. A remote third party http://x.x.x.x/setup/setup_maintain_firmware-default.html like URL It is possible to initialize the product settings by directly accessing. This may interfere with service operation for the device. (DoS) Default password issue or cause weak (CVE-2017-3186) Can be used. GET Information leakage due to the query string included in the request (CWE-598) - CVE-2017-3185 The web interface of these products includes sensitive information such as usernames and passwords. GET Use the request. Therefore, it is possible to obtain such sensitive information from various histories such as browser history, referrer, and communication log. Weak default password (CWE-521) - CVE-2017-3186 The default settings for these products use the same authentication information for all devices. If you are using the default settings, a remote third party can log in with your administrator credentials and have complete control of the device.A remote third party initializes the device to the factory default settings, obtains sensitive information such as a user name and password, or logs in to the device as an administrator using the initial authentication information. There is likely to be. ACTiISeries and others are ACTi's series of network surveillance cameras. There are security vulnerabilities in several ACTi products. A remote attacker can exploit a vulnerability to submit a special request for sensitive information. An authentication-bypass vulnerability. 2. An information disclosure vulnerability. 3. An attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions , bypass the authentication mechanism and compromise the application; This may aid in further attacks. There is a security vulnerability, which stems from the fact that the program uses the GET method to process requests

Trust: 3.33

sources: NVD: CVE-2017-3185 // CERT/CC: VU#355151 // JVNDB: JVNDB-2017-003933 // CNVD: CNVD-2017-04256 // BID: 96720 // VULHUB: VHN-111388 // VULMON: CVE-2017-3185

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-04256

AFFECTED PRODUCTS

vendor:actimodel:camerascope:eqversion:a1d-500-v6.11.31-ac

Trust: 1.6

vendor:actimodel:b series a1d-500-v6.11.31-acscope: - version: -

Trust: 0.9

vendor:actimodel:d series a1d-500-v6.11.31-acscope: - version: -

Trust: 0.9

vendor:actimodel:e series a1d-500-v6.11.31-acscope: - version: -

Trust: 0.9

vendor:actimodel:i series a1d-500-v6.11.31-acscope: - version: -

Trust: 0.9

vendor:actimodel: - scope: - version: -

Trust: 0.8

vendor:actimodel:camerascope:eqversion:version a1d-500-v6.11.31-ac using d

Trust: 0.8

vendor:actimodel:camerascope:eqversion:b

Trust: 0.8

vendor:actimodel:camerascope:eqversion:i

Trust: 0.8

vendor:actimodel:camerascope:eqversion:e series

Trust: 0.8

sources: CERT/CC: VU#355151 // CNVD: CNVD-2017-04256 // BID: 96720 // JVNDB: JVNDB-2017-003933 // CNNVD: CNNVD-201703-357 // NVD: CVE-2017-3185

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3185
value: CRITICAL

Trust: 1.0

IPA: JVNDB-2017-003933
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-04256
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201703-357
value: CRITICAL

Trust: 0.6

VULHUB: VHN-111388
value: MEDIUM

Trust: 0.1

VULMON: CVE-2017-3185
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3185
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

IPA: JVNDB-2017-003933
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2017-04256
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-111388
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3185
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.0

IPA: JVNDB-2017-003933
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2017-04256 // VULHUB: VHN-111388 // VULMON: CVE-2017-3185 // JVNDB: JVNDB-2017-003933 // CNNVD: CNNVD-201703-357 // NVD: CVE-2017-3185

PROBLEMTYPE DATA

problemtype:CWE-598

Trust: 1.8

problemtype:CWE-200

Trust: 1.1

problemtype:CWE-306

Trust: 0.8

problemtype:CWE-521

Trust: 0.8

sources: VULHUB: VHN-111388 // JVNDB: JVNDB-2017-003933 // NVD: CVE-2017-3185

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-357

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201703-357

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-003933

PATCH
title:Product Listurl:https://www.acti.com/productselector/
Trust: 0.8
title:Patches for multiple ACTi product sensitive information disclosure vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/91486
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-04256 // 
            
            
            
            JVNDB: JVNDB-2017-003933

EXTERNAL IDS
db:CERT/CCid:VU#355151
Trust: 3.7
db:NVDid:CVE-2017-3185
Trust: 3.5
db:BIDid:96720
Trust: 2.7
db:JVNid:JVNVU92233464
Trust: 0.8
db:JVNDBid:JVNDB-2017-003933
Trust: 0.8
db:CNNVDid:CNNVD-201703-357
Trust: 0.7
db:CNVDid:CNVD-2017-04256
Trust: 0.6
db:VULHUBid:VHN-111388
Trust: 0.1
db:VULMONid:CVE-2017-3185
Trust: 0.1
sources:
            
            
            CERT/CC: VU#355151 // 
            
            
            
            CNVD: CNVD-2017-04256 // 
            
            
            
            VULHUB: VHN-111388 // 
            
            
            
            VULMON: CVE-2017-3185 // 
            
            
            
            BID: 96720 // 
            
            
            
            JVNDB: JVNDB-2017-003933 // 
            
            
            
            CNNVD: CNNVD-201703-357 // 
            
            
            
            NVD: CVE-2017-3185

REFERENCES
url:https://www.kb.cert.org/vuls/id/355151
Trust: 3.0
url:http://www.securityfocus.com/bid/96720/info
Trust: 1.8
url:https://twitter.com/hfuhs/status/839252357221330944
Trust: 1.8
url:https://twitter.com/hack3rsca/status/839599437907386368
Trust: 1.8
url:http://www.acti.com/
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/306.html
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/521.html
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/598.html
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3184
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3185
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3186
Trust: 0.8
url:http://jvn.jp/vu/jvnvu92233464/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-3184
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-3185
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-3186
Trust: 0.8
url:http://www.securityfocus.com/bid/96720
Trust: 0.7
url:http://www.acti.com/home/index.asp
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CERT/CC: VU#355151 // 
            
            
            
            CNVD: CNVD-2017-04256 // 
            
            
            
            VULHUB: VHN-111388 // 
            
            
            
            VULMON: CVE-2017-3185 // 
            
            
            
            BID: 96720 // 
            
            
            
            JVNDB: JVNDB-2017-003933 // 
            
            
            
            CNNVD: CNNVD-201703-357 // 
            
            
            
            NVD: CVE-2017-3185

CREDITS
Mandar Jadhav
Trust: 0.9
sources:
            
            
            BID: 96720 // 
            
            
            
            CNNVD: CNNVD-201703-357

SOURCES
db:CERT/CCid:VU#355151
db:CNVDid:CNVD-2017-04256
db:VULHUBid:VHN-111388
db:VULMONid:CVE-2017-3185
db:BIDid:96720
db:JVNDBid:JVNDB-2017-003933
db:CNNVDid:CNNVD-201703-357
db:NVDid:CVE-2017-3185

LAST UPDATE DATE
2024-11-23T22:30:36.882000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#355151date:2017-03-07T00:00:00
db:CNVDid:CNVD-2017-04256date:2017-04-11T00:00:00
db:VULHUBid:VHN-111388date:2019-10-09T00:00:00
db:VULMONid:CVE-2017-3185date:2019-10-09T00:00:00
db:BIDid:96720date:2017-03-16T01:00:00
db:JVNDBid:JVNDB-2017-003933date:2018-03-14T00:00:00
db:CNNVDid:CNNVD-201703-357date:2019-10-17T00:00:00
db:NVDid:CVE-2017-3185date:2024-11-21T03:24:59.330

SOURCES RELEASE DATE
db:CERT/CCid:VU#355151date:2017-03-07T00:00:00
db:CNVDid:CNVD-2017-04256date:2017-04-03T00:00:00
db:VULHUBid:VHN-111388date:2017-12-16T00:00:00
db:VULMONid:CVE-2017-3185date:2017-12-16T00:00:00
db:BIDid:96720date:2017-03-07T00:00:00
db:JVNDBid:JVNDB-2017-003933date:2017-06-12T00:00:00
db:CNNVDid:CNNVD-201703-357date:2017-03-14T00:00:00
db:NVDid:CVE-2017-3185date:2017-12-16T02:29:10.137