ID

VAR-201804-0506


CVE

CVE-2017-6020


TITLE

LAquis SCADA Path traversal vulnerability

Trust: 0.8

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // CNVD: CNVD-2017-11031

DESCRIPTION

Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level. Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA Contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability.The specific flaw exists within global processing of requests inside the web server. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process. LAquis SCADA is a suite of SCADA software for monitoring and data acquisition. A security vulnerability exists in versions prior to LAquis SCADA 4.1.0.3237. LAquis SCADA Software is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. This may aid in further attacks

Trust: 3.24

sources: NVD: CVE-2017-6020 // JVNDB: JVNDB-2017-013274 // ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // BID: 97055 // IVD: ba452eb2-f54b-4527-b139-cb294893a8cf

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // CNVD: CNVD-2017-11031

AFFECTED PRODUCTS

vendor:lcdsmodel:laquis scadascope:ltversion:4.1.0.3237

Trust: 1.8

vendor:laquis scadamodel:softwarescope: - version: -

Trust: 0.7

vendor:lcdsmodel:le\303\243o consultoria e desenvolvimento de sistemas ltda me laquis scadascope:eqversion:-<=4.1.0.3237

Trust: 0.6

vendor:lcdsmodel:leão consultoria e desenvolvimento de sistemas ltda me laquis scadascope:eqversion:-4.1

Trust: 0.3

vendor:lcdsmodel:leão consultoria e desenvolvimento de sistemas ltda me laquis scadascope:neversion:-4.1.0.3237

Trust: 0.3

vendor:laquis scadamodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // BID: 97055 // JVNDB: JVNDB-2017-013274 // NVD: CVE-2017-6020

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6020
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-6020
value: MEDIUM

Trust: 0.8

ZDI: CVE-2017-6020
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2017-11031
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201702-592
value: MEDIUM

Trust: 0.6

IVD: ba452eb2-f54b-4527-b139-cb294893a8cf
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2017-6020
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-6020
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2017-11031
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ba452eb2-f54b-4527-b139-cb294893a8cf
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-6020
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // JVNDB: JVNDB-2017-013274 // CNNVD: CNNVD-201702-592 // NVD: CVE-2017-6020

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2017-013274 // NVD: CVE-2017-6020

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-592

TYPE

Path traversal

Trust: 0.8

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // CNNVD: CNNVD-201702-592

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-013274

PATCH

title:Top Pageurl:http://www.lcds.com.br/

Trust: 0.8

title:LAquis SCADA has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01

Trust: 0.7

title:LAquis SCADA Path Traversal Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/96375

Trust: 0.6

title:LCDS LTDA ME LAquis SCADA Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99647

Trust: 0.6

sources: ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // JVNDB: JVNDB-2017-013274 // CNNVD: CNNVD-201702-592

EXTERNAL IDS

db:NVDid:CVE-2017-6020

Trust: 4.2

db:ICS CERTid:ICSA-17-082-01

Trust: 3.3

db:BIDid:97055

Trust: 1.9

db:EXPLOIT-DBid:42885

Trust: 1.6

db:CNVDid:CNVD-2017-11031

Trust: 0.8

db:CNNVDid:CNNVD-201702-592

Trust: 0.8

db:JVNDBid:JVNDB-2017-013274

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-4523

Trust: 0.7

db:ZDIid:ZDI-17-286

Trust: 0.7

db:IVDid:BA452EB2-F54B-4527-B139-CB294893A8CF

Trust: 0.2

sources: IVD: ba452eb2-f54b-4527-b139-cb294893a8cf // ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // BID: 97055 // JVNDB: JVNDB-2017-013274 // CNNVD: CNNVD-201702-592 // NVD: CVE-2017-6020

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-17-082-01

Trust: 4.0

url:https://www.exploit-db.com/exploits/42885/

Trust: 1.6

url:http://www.securityfocus.com/bid/97055

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6020

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-6020

Trust: 0.8

url:http://laquisscada.com/

Trust: 0.3

sources: ZDI: ZDI-17-286 // CNVD: CNVD-2017-11031 // BID: 97055 // JVNDB: JVNDB-2017-013274 // CNNVD: CNNVD-201702-592 // NVD: CVE-2017-6020

CREDITS

Karn Ganeshen

Trust: 0.7

sources: ZDI: ZDI-17-286

SOURCES

db:IVDid:ba452eb2-f54b-4527-b139-cb294893a8cf
db:ZDIid:ZDI-17-286
db:CNVDid:CNVD-2017-11031
db:BIDid:97055
db:JVNDBid:JVNDB-2017-013274
db:CNNVDid:CNNVD-201702-592
db:NVDid:CVE-2017-6020

LAST UPDATE DATE

2024-08-14T14:39:25.025000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-17-286date:2017-04-12T00:00:00
db:CNVDid:CNVD-2017-11031date:2019-05-17T00:00:00
db:BIDid:97055date:2017-03-29T00:01:00
db:JVNDBid:JVNDB-2017-013274date:2018-06-15T00:00:00
db:CNNVDid:CNNVD-201702-592date:2019-10-17T00:00:00
db:NVDid:CVE-2017-6020date:2019-10-09T23:28:34.167

SOURCES RELEASE DATE

db:IVDid:ba452eb2-f54b-4527-b139-cb294893a8cfdate:2017-06-23T00:00:00
db:ZDIid:ZDI-17-286date:2017-04-12T00:00:00
db:CNVDid:CNVD-2017-11031date:2017-06-23T00:00:00
db:BIDid:97055date:2017-03-23T00:00:00
db:JVNDBid:JVNDB-2017-013274date:2018-06-15T00:00:00
db:CNNVDid:CNNVD-201702-592date:2017-02-17T00:00:00
db:NVDid:CVE-2017-6020date:2018-04-17T14:29:00.290