Details of VAR-201712-0126

ID

VAR-201712-0126

CVE

CVE-2017-3186

TITLE

ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#355151

DESCRIPTION

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials. According to the reporter, ACTi Of the camera products provided by version A1D-500-V6.11.31-AC There are problems with multiple series using. The problem of lack of authentication for important functions (CWE-306) - CVE-2017-3184 These products do not have proper access restrictions for the configuration initialization function. A remote third party http://x.x.x.x/setup/setup_maintain_firmware-default.html like URL It is possible to initialize the product settings by directly accessing. This may interfere with service operation for the device. (DoS) Default password issue or cause weak (CVE-2017-3186) Can be used. GET Information leakage due to the query string included in the request (CWE-598) - CVE-2017-3185 The web interface of these products includes sensitive information such as usernames and passwords. GET Use the request. Therefore, it is possible to obtain such sensitive information from various histories such as browser history, referrer, and communication log. Weak default password (CWE-521) - CVE-2017-3186 The default settings for these products use the same authentication information for all devices. There is likely to be. ACTiISeries and others are ACTi's series of network surveillance cameras. ACTi Cameras Models are prone to the following multiple security vulnerabilities: 1. An authentication-bypass vulnerability. 2. An information disclosure vulnerability. 3. An attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions , bypass the authentication mechanism and compromise the application; This may aid in further attacks

Trust: 3.33

sources: NVD: CVE-2017-3186 // CERT/CC: VU#355151 // JVNDB: JVNDB-2017-003933 // CNVD: CNVD-2017-03904 // BID: 96720 // VULHUB: VHN-111389 // VULMON: CVE-2017-3186

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-03904

AFFECTED PRODUCTS

vendor:	acti	model:	camera	scope:	eq	version:	a1d-500-v6.11.31-ac	Trust: 1.6
vendor:	acti	model:	b series a1d-500-v6.11.31-ac	scope:	-	version:	-	Trust: 0.9
vendor:	acti	model:	d series a1d-500-v6.11.31-ac	scope:	-	version:	-	Trust: 0.9
vendor:	acti	model:	e series a1d-500-v6.11.31-ac	scope:	-	version:	-	Trust: 0.9
vendor:	acti	model:	i series a1d-500-v6.11.31-ac	scope:	-	version:	-	Trust: 0.9
vendor:	acti	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	acti	model:	camera	scope:	eq	version:	version a1d-500-v6.11.31-ac using d	Trust: 0.8
vendor:	acti	model:	camera	scope:	eq	version:	b	Trust: 0.8
vendor:	acti	model:	camera	scope:	eq	version:	i	Trust: 0.8
vendor:	acti	model:	camera	scope:	eq	version:	e series	Trust: 0.8

sources: CERT/CC: VU#355151 // CNVD: CNVD-2017-03904 // BID: 96720 // JVNDB: JVNDB-2017-003933 // CNNVD: CNNVD-201703-358 // NVD: CVE-2017-3186

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-3186
value:	CRITICAL
Trust: 1.0
IPA:	JVNDB-2017-003933
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-03904
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201703-358
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-111389
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-3186
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-3186
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
IPA:	JVNDB-2017-003933
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-03904
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-111389
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-3186
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.0
IPA:	JVNDB-2017-003933
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-03904 // VULHUB: VHN-111389 // VULMON: CVE-2017-3186 // JVNDB: JVNDB-2017-003933 // CNNVD: CNNVD-201703-358 // NVD: CVE-2017-3186

PROBLEMTYPE DATA

problemtype:	CWE-521	Trust: 1.8
problemtype:	CWE-798	Trust: 1.1
problemtype:	CWE-598	Trust: 0.8
problemtype:	CWE-306	Trust: 0.8

sources: VULHUB: VHN-111389 // JVNDB: JVNDB-2017-003933 // NVD: CVE-2017-3186

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-358

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201703-358

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-003933

PATCH

title:	Product List	url:	https://www.acti.com/productselector/	Trust: 0.8
title:	Patches for multiple ACTi products non-random default certificate vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/91485	Trust: 0.6

sources: CNVD: CNVD-2017-03904 // JVNDB: JVNDB-2017-003933

EXTERNAL IDS

db:	CERT/CC	id:	VU#355151	Trust: 3.7
db:	NVD	id:	CVE-2017-3186	Trust: 3.5
db:	BID	id:	96720	Trust: 2.7
db:	JVN	id:	JVNVU92233464	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-003933	Trust: 0.8
db:	CNNVD	id:	CNNVD-201703-358	Trust: 0.7
db:	CNVD	id:	CNVD-2017-03904	Trust: 0.6
db:	VULHUB	id:	VHN-111389	Trust: 0.1
db:	VULMON	id:	CVE-2017-3186	Trust: 0.1

sources: CERT/CC: VU#355151 // CNVD: CNVD-2017-03904 // VULHUB: VHN-111389 // VULMON: CVE-2017-3186 // BID: 96720 // JVNDB: JVNDB-2017-003933 // CNNVD: CNNVD-201703-358 // NVD: CVE-2017-3186

REFERENCES

url:	https://www.kb.cert.org/vuls/id/355151	Trust: 3.0
url:	http://www.securityfocus.com/bid/96720/info	Trust: 1.8
url:	https://twitter.com/hfuhs/status/839252357221330944	Trust: 1.8
url:	https://twitter.com/hack3rsca/status/839599437907386368	Trust: 1.8
url:	http://www.acti.com/	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/306.html	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/521.html	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/598.html	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3184	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3185	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3186	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu92233464/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-3184	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-3185	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-3186	Trust: 0.8
url:	http://www.securityfocus.com/bid/96720	Trust: 0.7
url:	http://www.acti.com/home/index.asp	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/798.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

CREDITS

Mandar Jadhav

Trust: 0.9

sources: BID: 96720 // CNNVD: CNNVD-201703-358

SOURCES

db:	CERT/CC	id:	VU#355151
db:	CNVD	id:	CNVD-2017-03904
db:	VULHUB	id:	VHN-111389
db:	VULMON	id:	CVE-2017-3186
db:	BID	id:	96720
db:	JVNDB	id:	JVNDB-2017-003933
db:	CNNVD	id:	CNNVD-201703-358
db:	NVD	id:	CVE-2017-3186

LAST UPDATE DATE

2024-11-23T22:30:36.924000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#355151	date:	2017-03-07T00:00:00
db:	CNVD	id:	CNVD-2017-03904	date:	2019-05-17T00:00:00
db:	VULHUB	id:	VHN-111389	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2017-3186	date:	2019-10-09T00:00:00
db:	BID	id:	96720	date:	2017-03-16T01:00:00
db:	JVNDB	id:	JVNDB-2017-003933	date:	2018-03-14T00:00:00
db:	CNNVD	id:	CNNVD-201703-358	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-3186	date:	2024-11-21T03:24:59.447

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#355151	date:	2017-03-07T00:00:00
db:	CNVD	id:	CNVD-2017-03904	date:	2017-04-05T00:00:00
db:	VULHUB	id:	VHN-111389	date:	2017-12-16T00:00:00
db:	VULMON	id:	CVE-2017-3186	date:	2017-12-16T00:00:00
db:	BID	id:	96720	date:	2017-03-07T00:00:00
db:	JVNDB	id:	JVNDB-2017-003933	date:	2017-06-12T00:00:00
db:	CNNVD	id:	CNNVD-201703-358	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-3186	date:	2017-12-16T02:29:10.183