Details of VAR-202110-1356

ID

VAR-202110-1356

CVE

CVE-2021-32951

TITLE

Advantech Made WebAccess/NMS Authentication deficiency vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-002280

DESCRIPTION

WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS. WebAccess/NMS Is Advantech Network management software provided by the company. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose information from the application

Trust: 2.34

sources: NVD: CVE-2021-32951 // JVNDB: JVNDB-2021-002280 // ZDI: ZDI-21-876 // VULHUB: VHN-392937

AFFECTED PRODUCTS

vendor:	advantech	model:	webaccess\/nms	scope:	lte	version:	3.0.3	Trust: 1.0
vendor:	アドバンテック株式会社	model:	webaccess/nms	scope:	eq	version:	-	Trust: 0.8
vendor:	アドバンテック株式会社	model:	webaccess/nms	scope:	lt	version:	v3.0.3_build6299 earlier s	Trust: 0.8
vendor:	advantech	model:	webaccess/nms	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-21-876 // JVNDB: JVNDB-2021-002280 // NVD: CVE-2021-32951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-32951
value:	MEDIUM
Trust: 1.0
ics-cert@hq.dhs.gov:	CVE-2021-32951
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2021-002280
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2021-32951
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-202108-1568
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-392937
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-32951
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-392937
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-32951
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-002280
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2021-32951
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-876 // VULHUB: VHN-392937 // JVNDB: JVNDB-2021-002280 // CNNVD: CNNVD-202108-1568 // NVD: CVE-2021-32951 // NVD: CVE-2021-32951

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.1
problemtype:	Improper authentication (CWE-287) [ Other ]	Trust: 0.8

sources: VULHUB: VHN-392937 // JVNDB: JVNDB-2021-002280 // NVD: CVE-2021-32951

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202108-1568

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202108-1568

PATCH

title:	WebAccess/NMS installation file	url:	https://www.advantech.com/support/details/software-utility?id=1-12F529H	Trust: 0.8
title:	This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.03/03/21 – ZDI reported the vulnerability to ICS-CERT03/03/21 – ICS-CERT acknowledged the report07/05/21 – ZDI requested an update 07/08/21 – ZDI requested an update07/09/21 – ZDI notified ICS-CERT of the intention to publish the case as a 0-day advisory on 07/19/2108/17/21 - ICS-CERT published an advisory Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application.	url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02--	Trust: 0.7
title:	Advantech WebAccess/NMS Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167573	Trust: 0.6

sources: ZDI: ZDI-21-876 // JVNDB: JVNDB-2021-002280 // CNNVD: CNNVD-202108-1568

EXTERNAL IDS

db:	NVD	id:	CVE-2021-32951	Trust: 3.2
db:	ICS CERT	id:	ICSA-21-229-02	Trust: 2.5
db:	ZDI	id:	ZDI-21-876	Trust: 1.5
db:	JVN	id:	JVNVU97362937	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-002280	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-11883	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.2801	Trust: 0.6
db:	CNNVD	id:	CNNVD-202108-1568	Trust: 0.6
db:	VULHUB	id:	VHN-392937	Trust: 0.1

sources: ZDI: ZDI-21-876 // VULHUB: VHN-392937 // JVNDB: JVNDB-2021-002280 // CNNVD: CNNVD-202108-1568 // NVD: CVE-2021-32951

REFERENCES

url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02	Trust: 3.1
url:	https://jvn.jp/vu/jvnvu97362937/	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-21-876/	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-21-229-02--	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-32951	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2801	Trust: 0.6

sources: ZDI: ZDI-21-876 // VULHUB: VHN-392937 // JVNDB: JVNDB-2021-002280 // CNNVD: CNNVD-202108-1568 // NVD: CVE-2021-32951

CREDITS

Selim Enes Karaduman (@Enesdex)

Trust: 0.7

sources: ZDI: ZDI-21-876

SOURCES

db:	ZDI	id:	ZDI-21-876
db:	VULHUB	id:	VHN-392937
db:	JVNDB	id:	JVNDB-2021-002280
db:	CNNVD	id:	CNNVD-202108-1568
db:	NVD	id:	CVE-2021-32951

LAST UPDATE DATE

2024-08-14T14:03:01.876000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-876	date:	2021-08-25T00:00:00
db:	VULHUB	id:	VHN-392937	date:	2021-10-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-002280	date:	2021-08-19T04:50:00
db:	CNNVD	id:	CNNVD-202108-1568	date:	2021-11-02T00:00:00
db:	NVD	id:	CVE-2021-32951	date:	2021-10-29T01:16:40.303

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-876	date:	2021-07-19T00:00:00
db:	VULHUB	id:	VHN-392937	date:	2021-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-002280	date:	2021-08-19T00:00:00
db:	CNNVD	id:	CNNVD-202108-1568	date:	2021-08-17T00:00:00
db:	NVD	id:	CVE-2021-32951	date:	2021-10-27T01:15:07.333