Vulnerabilities related to Advantech - WebAccess SCADA
var-201805-1145
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path traversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target. Multiple Advantech WebAccess products contain a path traversal vulnerability. Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadAction servlet. When parsing the filename and taskname parameters, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. (Note: this aggregated list gives Scada Node as "8.3.1 and earlier", whereas the opening sentence and the affected-products data on this page give versions prior to 8.3.1.)



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003c=v8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-7503",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7503",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7503",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2018-10709",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-137535",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7503",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7503",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7503",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-7503",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10709",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-444",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137535",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess NMS.  Authentication is not required to exploit this vulnerability.The specific flaw exists within the DownloadAction servlet.  When parsing the filename and taskname parameters, the process does not properly validate a user-supplied path prior to using it in file operations.  An attacker can leverage this vulnerability to disclose sensitive information under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. 
A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7503",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5477",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F0E621-39AB-11E9-9C2C-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      }
    ]
  },
  "id": "VAR-201805-1145",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.688000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patch for Advantech WebAccess Path Traversal Vulnerability (CNVD-2018-10709)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130717"
      },
      {
        "title": "Multiple Advantech Product path traversal vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80054"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7503"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7503"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-471"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-471",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10709",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-137535",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7503",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-471",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10709",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137535",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005074",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-444",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.597000",
        "db": "NVD",
        "id": "CVE-2018-7503",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-471",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10709",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137535",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005074",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-444",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.480000",
        "db": "NVD",
        "id": "CVE-2018-7503",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "plural  Advantech WebAccess Path traversal vulnerability in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005074"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0e621-39ab-11e9-9c2c-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-444"
      }
    ],
    "trust": 0.8
  }
}

var-201805-0249
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path traversal vulnerability has been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess contains a path traversal vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A path traversal vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. (Note: this aggregated list gives Scada Node as "8.3.1 and earlier", whereas the opening sentence and the affected-products data on this page give versions prior to 8.3.1.)



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0249",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-10589",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-10589",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-10589",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-10660",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2f18262-39ab-11e9-8aec-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-120363",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-10589",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-10589",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-10589",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-10589",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10660",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-451",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f18262-39ab-11e9-8aec-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-120363",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path transversal vulnerability has been identified, which may allow an attacker to execute arbitrary code. Advantech WebAccess Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A path traversal vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. 
A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-10589",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5627",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F18262-39AB-11E9-8AEC-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "id": "VAR-201805-0249",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.534000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patch for Advantech WebAccess Path Traversal Vulnerability (CNVD-2018-10660)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130697"
      },
      {
        "title": "Multiple Advantech Product path traversal vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80061"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10589"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10589"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "date": "2018-05-15T22:29:00.267000",
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-13T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-483"
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10660"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120363"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      },
      {
        "date": "2024-11-21T03:41:36.973000",
        "db": "NVD",
        "id": "CVE-2018-10589"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Path traversal vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005067"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f18262-39ab-11e9-8aec-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-451"
      }
    ],
    "trust": 0.8
  }
}

var-201805-1126
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when that user should have been given read access only. Multiple Advantech WebAccess products contain vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A security vulnerability exists in several Advantech products that stems from a program's failure to properly manage permissions. An attacker could use this vulnerability to modify a file. 
Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access and obtain sensitive information. Failed attacks will cause denial-of-service conditions. Advantech WebAccess etc



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003c=v8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Fritz Sands of the Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-8841",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-8841",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-8841",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2018-13782",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-138873",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2018-8841",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-8841",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-8841",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-8841",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-13782",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-442",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-138873",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when that user should only have been given read access. Multiple Advantech WebAccess products contain vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access control that is set and modified during the installation of the product. The product installation weakens access control restrictions of pre-existing system files and sets weak access control restrictions on new files. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. Advantech WebAccess and the other affected components are products of Advantech. Advantech WebAccess is browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based suite for the Network Management System (NMS). A security vulnerability exists in several Advantech products that stems from the program\u0027s failure to properly manage permissions. An attacker could use this vulnerability to modify a file. 
Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial-of-service conditions. Advantech WebAccess, etc.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-8841",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5670",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F6B281-39AB-11E9-B166-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      }
    ]
  },
  "id": "VAR-201805-1126",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.965000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patches for Multiple Advantech Products Improper Rights Management Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/135203"
      },
      {
        "title": "Multiple Advantech Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80052"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-269",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8841"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-8841"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-500"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-500",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13782",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-138873",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8841",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-07-24T00:00:00",
        "db": "IVD",
        "id": "e2f6b281-39ab-11e9-b166-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-500",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13782",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138873",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005076",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-442",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.690000",
        "db": "NVD",
        "id": "CVE-2018-8841",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-500",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13782",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138873",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005076",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-442",
        "ident": null
      },
      {
        "date": "2024-11-21T04:14:25.803000",
        "db": "NVD",
        "id": "CVE-2018-8841",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Vulnerabilities related to authorization, permissions, and access control in multiple Advantech WebAccess products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005076"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-442"
      }
    ],
    "trust": 0.6
  }
}

var-201805-1128
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code. Multiple Advantech WebAccess products contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess and the other affected components are products of Advantech. Advantech WebAccess is browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based suite for the Network Management System (NMS). A heap buffer overflow vulnerability exists in several Advantech products.
Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial-of-service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following products and versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier.



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003c=v8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Fritz Sands of the Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-8845",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-8845",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-8845",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-13781",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-138877",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-8845",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-8845",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-8845",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-8845",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-8845",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-13781",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-441",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-138877",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A heap buffer overflow vulnerability exists in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. 
A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following products and versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-8845",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5897",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F6D991-39AB-11E9-A20E-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      }
    ]
  },
  "id": "VAR-201805-1128",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.443000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patches for multiple Advantech product heap buffer overflow vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/135205"
      },
      {
        "title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80051"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-122",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8845"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-8845"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-527"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781"
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-527",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13781",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-138877",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-8845",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-07-24T00:00:00",
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-527",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13781",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138877",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005077",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-441",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.723000",
        "db": "NVD",
        "id": "CVE-2018-8845",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-527",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13781",
        "ident": null
      },
      {
        "date": "2020-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-138877",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005077",
        "ident": null
      },
      {
        "date": "2020-09-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-441",
        "ident": null
      },
      {
        "date": "2024-11-21T04:14:26.320000",
        "db": "NVD",
        "id": "CVE-2018-8845",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "plural  Advantech WebAccess Product buffer error vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005077"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f6d991-39ab-11e9-a20e-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-441"
      }
    ],
    "trust": 0.8
  }
}

var-201805-1141
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files. Multiple Advantech WebAccess products contain a path traversal vulnerability. Information may be tampered with. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to delete files under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based suite for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. [Note: the first sentence of this entry gives the Scada Node range as versions prior to 8.3.1; the two statements differ on whether 8.3.1 itself is affected.]



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-1141",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess node",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "model": "webaccess scada node",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.1"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-7495",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7495",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-7495",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-13786",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-137527",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7495",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7495",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7495",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-7495",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-13786",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-448",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137527",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files. plural Advantech WebAccess The product contains a path traversal vulnerability.Information may be tampered with. This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this functionality to delete files under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. 
A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7495",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5664",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F700A2-39AB-11E9-92AD-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "id": "VAR-201805-1141",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.878000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patches for multiple Advantech product file names or path external control vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/135199"
      },
      {
        "title": "Multiple Advantech Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80058"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-73",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7495"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7495"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-07-24T00:00:00",
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "date": "2018-05-15T22:29:00.410000",
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-499"
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13786"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137527"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      },
      {
        "date": "2024-11-21T04:12:14.620000",
        "db": "NVD",
        "id": "CVE-2018-7495"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal vulnerability in multiple Advantech WebAccess products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005070"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a2-39ab-11e9-92ad-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-448"
      }
    ],
    "trust": 0.8
  }
}

var-202008-1269
Vulnerability from variot

Advantech WebAccess SCADA is a browser-based SCADA software package for supervisory control, data acquisition and visualization. It is used to automate complex industrial processes where remote operation is needed.

Advantech (China) Co., Ltd. WebAccess SCADA has an arbitrary file deletion vulnerability. Attackers can use this vulnerability to delete arbitrary files. The record below lists version v9.0.0 as affected, and its patch entry names the drawsrv.dll file.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1269",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess scada",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "v9.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-41340",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2020-41340",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess SCADA is a browser-based SCADA software package for supervisory control, data acquisition and visualization. It is used to automatically execute complex industrial processes in the case of remote operation.\n\r\n\r\nAdvantech (China) Co., Ltd. WebAccess SCADA has an arbitrary file deletion vulnerability. Attackers can use this vulnerability to delete arbitrary files.",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ],
    "trust": 0.6
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "id": "VAR-202008-1269",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ],
    "trust": 1.13571427
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "last_update_date": "2022-05-04T10:07:26.314000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess SCADA drawsrv.dll file has arbitrary file deletion vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/222197"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-07-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech (China) Co., Ltd. WebAccess SCADA has an arbitrary file deletion vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41340"
      }
    ],
    "trust": 0.6
  }
}

var-201805-1146
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute code on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the configuration of the TFTP service. The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A privilege elevation vulnerability exists in several Advantech products that stems from a TFTP application that allows unauthorized uploading of arbitrary files to a web application. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. 
Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. An escalation of privilege vulnerability exists in several Advantech products. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. [Note: the opening sentence of this description gives the WebAccess Scada Node range as versions prior to 8.3.1, which excludes 8.3.1; the two statements conflict, so confirm the boundary against the vendor advisory before scoping remediation.]



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": null,
        "trust": 0.7,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess \u003c=v8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-7505",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7505",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7505",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-13785",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-137537",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7505",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7505",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7505",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-7505",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-13785",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-443",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137537",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute code on vulnerable installations of Advantech WebAccess NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the configuration of the TFTP service.  The issue results from the lack of proper validation of user-supplied data, which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A privilege elevation vulnerability exists in several Advantech products that stems from a TFTP application that allows unauthorized uploading of arbitrary files to a web application. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. 
Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. An escalation of privilege vulnerability exists in several Advantech products. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7505",
        "trust": 4.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5476",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F700A1-39AB-11E9-8A88-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      }
    ]
  },
  "id": "VAR-201805-1146",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.489000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patches for multiple Advantech product privilege escalation vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/135201"
      },
      {
        "title": "Multiple Advantech Product Privilege License and Access Control Vulnerability Fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80053"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-434",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-264",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7505"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7505"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-470"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-470",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-13785",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-137537",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7505",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-07-24T00:00:00",
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-470",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13785",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137537",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005075",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-443",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.643000",
        "db": "NVD",
        "id": "CVE-2018-7505",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-470",
        "ident": null
      },
      {
        "date": "2018-07-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-13785",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137537",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005075",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-443",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.683000",
        "db": "NVD",
        "id": "CVE-2018-7505",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "plural  Advantech WebAccess Product unrestricted upload vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005075"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f700a1-39ab-11e9-8a88-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-443"
      }
    ],
    "trust": 0.8
  }
}

var-201805-1144
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within Quality.asp. When parsing the ItemGroupIdAry parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. 
A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial of service conditions.



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 9.8,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      }
    ],
    "trust": 9.8
  },
  "cve": "CVE-2018-7501",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2018-7501",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 7.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7501",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 3.1,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2018-10317",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7501",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7501",
            "trust": 9.8,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7501",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10317",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-445",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within Quality.asp. When parsing the ItemGroupIdAry parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose sensitive information under the context of the database. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). SQL injection vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities:\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. 
A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial-of-service conditions.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      }
    ],
    "trust": 10.71
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7501",
        "trust": 12.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5611",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5653",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5649",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5652",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5650",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5609",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5597",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5608",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5590",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5606",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5610",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5651",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5595",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5607",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F022CF-39AB-11E9-A809-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "id": "VAR-201805-1144",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      }
    ],
    "trust": 1.4434040525
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      }
    ]
  },
  "last_update_date": "2024-11-29T22:46:30.043000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.8,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patch for Advantech WebAccess SQL Injection Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130233"
      },
      {
        "title": "Multiple Advantech product SQL Repair measures for injecting vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80055"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 12.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-475",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-477",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-25T00:00:00",
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "date": "2018-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-475",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-477",
        "ident": null
      },
      {
        "date": "2018-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.567000",
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-481",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-489",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-485",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-488",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-486",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-479",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-474",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-478",
        "ident": null
      },
      {
        "date": "2018-06-08T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-553",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-476",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-480",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-487",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-475",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-477",
        "ident": null
      },
      {
        "date": "2018-05-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10317",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-445",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.263000",
        "db": "NVD",
        "id": "CVE-2018-7501",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Node BWSCADASoap GetAlarms SQL Injection Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-481"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "_id": null,
    "data": "SQL injection",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f022cf-39ab-11e9-a809-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-445"
      }
    ],
    "trust": 0.8
  }
}

var-201805-0250
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. Advantech WebAccess contains a vulnerability in the disclosure of file and directory information. Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. An attacker could exploit this vulnerability to obtain important files that are not visible. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. 
Failed attacks will cause denial-of-service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier (note: the advisory wording at the start of this entry says Scada Node versions prior to 8.3.1, so confirm against the vendor advisory whether 8.3.1 itself is affected); WebAccess/NMS 2.0.3 and earlier.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0250",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mat Powell, rgod, Steven Seeley, Donato Onofri and Simone Onofri",
    "sources": [
      {
        "db": "BID",
        "id": "104190"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-10590",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-10590",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-09823",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2ef868f-39ab-11e9-8037-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-120365",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-10590",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-10590",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-10590",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-09823",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-450",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2ef868f-39ab-11e9-8037-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-120365",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible. Advantech WebAccess Contains a vulnerability in the disclosure of file and directory information.Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. An attacker could exploit this vulnerability to obtain important files that are not visible. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. 
Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-10590",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.0
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2EF868F-39AB-11E9-8037-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "id": "VAR-201805-0250",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.924000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
      },
      {
        "title": "Patch for Advantech WebAccess Information Disclosure Vulnerability (CNVD-2018-09823)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/129391"
      },
      {
        "title": "Multiple Advantech Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80060"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-538",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-548",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10590"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10590"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "IVD",
        "id": "e2ef868f-39ab-11e9-8037-000c29342cb1"
      },
      {
        "date": "2018-05-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "date": "2018-05-15T22:29:00.317000",
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09823"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120365"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      },
      {
        "date": "2024-11-21T03:41:37.093000",
        "db": "NVD",
        "id": "CVE-2018-10590"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Vulnerable to file and directory information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005068"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-450"
      }
    ],
    "trust": 0.6
  }
}

var-201805-0251
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may allow an attacker to create a malicious web site, steal session cookies, and access data of authenticated users. Advantech WebAccess contains a session fixation vulnerability. Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Advantech WebAccess is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, modify data, exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access, and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc.
Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0251",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.4,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:advantech_webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mat Powell, rgod, Steven Seeley, Donato Onofri and Simone Onofri",
    "sources": [
      {
        "db": "BID",
        "id": "104190"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-10591",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CVE-2018-10591",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-10703",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "VHN-120366",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.6,
            "id": "CVE-2018-10591",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-10591",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-10591",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10703",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-449",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-120366",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may allow an attacker to create a malicious web site, steal session cookies, and access data of authenticated users. Advantech WebAccess contains a session fixation vulnerability. Information may be obtained. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products.\n1. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-10591",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2F0BF10-39AB-11E9-AED2-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "id": "VAR-201805-0251",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.737000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess",
        "trust": 0.8,
        "url": "http://www.advantech.com/industrial-automation/webaccess/webaccessscada"
      },
      {
        "title": "Advantech WebAccess Source Validation Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130839"
      },
      {
        "title": "Multiple Advantech Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80059"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-384",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-346",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10591"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10591"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "date": "2018-05-15T22:29:00.363000",
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-120366"
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190"
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005069"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      },
      {
        "date": "2024-11-21T03:41:37.217000",
        "db": "NVD",
        "id": "CVE-2018-10591"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess Source Validation Error Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f0bf10-39ab-11e9-aed2-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10703"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-449"
      }
    ],
    "trust": 0.6
  }
}

var-201805-1142
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. Multiple Advantech WebAccess products contain a vulnerability related to NULL pointer dereference. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products: 1. Multiple SQL-injection vulnerabilities 2. An information-disclosure vulnerability 3. A file-upload vulnerability 4. Multiple directory-traversal vulnerabilities 5. Multiple stack-based buffer-overflow vulnerabilities 6. A heap-based buffer-overflow vulnerability 7. Multiple arbitrary code-execution vulnerabilities 8. A denial-of-service vulnerability 9. A security-bypass vulnerability 10. A privilege-escalation vulnerability. An attacker can exploit these issues to execute arbitrary code in the context of the application, or modify data, or exploit latent vulnerabilities in the underlying database, delete arbitrary files, gain elevated privileges, perform certain unauthorized actions, upload arbitrary files to the affected application, gain unauthorized access and obtain sensitive information. Failed attacks will cause denial of service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier. (Note: the opening sentence and the affected_products data for this entry give the WebAccess Scada Node range as versions prior to 8.3.1; confirm against the source advisories before treating 8.3.1 as affected.)



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 5.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.8,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170817",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess 8.2 20170330",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "webaccess 8.1 20160519",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "webaccess 8.0 20150816",
        "scope": null,
        "trust": 0.3,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "advantech",
        "version": "8.3.1"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_dashboard",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess_scada",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:advantech:webaccess%2fnms",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Steven Seeley (mr_me) of Offensive Security",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      }
    ],
    "trust": 4.9
  },
  "cve": "CVE-2018-7497",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-7497",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 5.6,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7497",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2018-10813",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-137529",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7497",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7497",
            "trust": 5.6,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7497",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7497",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10813",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-447",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137529",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. plural Advantech WebAccess The product includes NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability.The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). Security vulnerabilities exist in several Advantech products. Multiple SQL-injection vulnerabilities\n2. An information-disclosure vulnerability\n3. A file-upload vulnerability\n4. Multiple directory-traversal vulnerabilities\n5. Multiple stack-based buffer-overflow vulnerabilities\n6. A heap-based buffer-overflow vulnerability\n7. Multiple arbitrary code-execution vulnerabilities\n8. 
A denial-of-service vulnerability\n9. A security-bypass vulnerability\n10. A privilege-escalation vulnerability\nAn attacker can exploit these issues to execute arbitrary code in the  context of the application, or modify data, or exploit latent   vulnerabilities in the underlying database,  delete arbitrary files,  gain elevated privileges, perform certain unauthorized actions, upload  arbitrary files to the affected application gain unauthorized access and  obtain sensitive information. Failed attacks will cause denial of  service conditions. Advantech WebAccess, etc. Advantech WebAccess is a set of HMI/SCADA software based on browser architecture. The following versions are affected: Advantech WebAccess 8.2_20170817 and earlier, 8.3.0 and earlier; WebAccess Dashboard 2.0.15 and earlier; WebAccess Scada Node 8.3.1 and earlier; WebAccess/NMS 2.0.3 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      }
    ],
    "trust": 7.74
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7497",
        "trust": 9.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5711",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5648",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5655",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5656",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5659",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5661",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5658",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5660",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F1A971-39AB-11E9-8038-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      }
    ]
  },
  "id": "VAR-201805-1142",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      }
    ],
    "trust": 1.5434040525000001
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:07.367000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 5.6,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.advantech.co.jp/"
      },
      {
        "title": "Advantech WebAccess Untrusted Pointer Dereference Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130861"
      },
      {
        "title": "Multiple Advantech Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80057"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-476",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-822",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 9.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/104190"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7497"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7497"
      },
      {
        "trust": 0.3,
        "url": "http://webaccess.advantech.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529"
      },
      {
        "db": "BID",
        "id": "104190"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-526",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-484",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10813",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-137529",
        "ident": null
      },
      {
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005071",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7497",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-06-01T00:00:00",
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-526",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-484",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-491",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-492",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-494",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-496",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-493",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-495",
        "ident": null
      },
      {
        "date": "2018-06-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10813",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137529",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005071",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-447",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.457000",
        "db": "NVD",
        "id": "CVE-2018-7497",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-526",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-484",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-491",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-492",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-494",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-496",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-493",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-495",
        "ident": null
      },
      {
        "date": "2018-06-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10813",
        "ident": null
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137529",
        "ident": null
      },
      {
        "date": "2018-05-15T00:00:00",
        "db": "BID",
        "id": "104190",
        "ident": null
      },
      {
        "date": "2018-07-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005071",
        "ident": null
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-447",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:14.833000",
        "db": "NVD",
        "id": "CVE-2018-7497",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Node webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-526"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-491"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-492"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-494"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-496"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-493"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-495"
      }
    ],
    "trust": 4.9
  },
  "type": {
    "_id": null,
    "data": "Code problem",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f1a971-39ab-11e9-8038-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-447"
      }
    ],
    "trust": 0.8
  }
}

var-202008-1268
Vulnerability from variot

Advantech WebAccess/SCADA is a browser-based SCADA software package for supervisory control, data acquisition and visualization. It is used to automatically execute complex industrial processes in the case of remote operation.

WebAccess SCADA from Advantech (China) Co., Ltd. has a file upload vulnerability. Attackers can exploit the vulnerability to gain control of the system.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1268",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess scada",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "v9.0.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-41339",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2020-41339",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech WebAccess/SCADA is a browser-based SCADA software package for supervisory control, data acquisition and visualization. It is used to automatically execute complex industrial processes in the case of remote operation.\n\r\n\r\nAdvantech (China) Co., Ltd. WebAccess SCADA has a file upload vulnerability. Attackers can use the vulnerability to gain system control permissions.",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ],
    "trust": 0.6
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "id": "VAR-202008-1268",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ],
    "trust": 1.13571427
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "last_update_date": "2022-05-04T09:08:59.438000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Advantech WebAccess SCADA drawsrv.dll has a file upload vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/222193"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-07-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech (China) Co., Ltd. WebAccess SCADA has file upload vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-41339"
      }
    ],
    "trust": 0.6
  }
}

var-202110-0326
Vulnerability from variot

An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. Advantech WebAccess SCADA contains a missing-authorization vulnerability (CWE-862; the source feed words it as "lack of authentication", although the user is already authenticated). Information may be obtained. Advantech WebAccess SCADA is a set of browser-based SCADA software from Advantech, a company in Taiwan. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. It is used for monitoring, data acquisition and visualization.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202110-0326",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webaccess scada",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "9.0.3"
      },
      {
        "model": "webaccess/scada",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30a2\u30c9\u30d0\u30f3\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e",
        "version": null
      },
      {
        "model": "webaccess/scada",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "\u30a2\u30c9\u30d0\u30f3\u30c6\u30c3\u30af\u682a\u5f0f\u4f1a\u793e",
        "version": "9.0.3  and earlier"
      },
      {
        "model": "webaccess scada",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=9.0.3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Inc., reported this vulnerability to CISA.,Peter Cheng from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-38431",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2021-38431",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2021-80268",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-397681",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2021-38431",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-013738",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-38431",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "ics-cert@hq.dhs.gov",
            "id": "CVE-2021-38431",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-38431",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-80268",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202110-926",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-397681",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-38431",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. Advantech WebAccess SCADA Exists in a vulnerability related to the lack of authentication.Information may be obtained. Advantech WebAccess SCADA is a set of browser-based SCADA software from Advantech, a company in Taiwan. The software supports dynamic graphic display and real-time data control, and provides functions for remote control and management of automation equipment. For monitoring, data acquisition and visualization",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-38431",
        "trust": 4.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-285-01",
        "trust": 3.2
      },
      {
        "db": "JVN",
        "id": "JVNVU97189148",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021101311",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3440",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "id": "VAR-202110-0326",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      }
    ],
    "trust": 1.3293211
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      }
    ]
  },
  "last_update_date": "2024-08-14T14:03:02.780000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "WebAccess/SCADA",
        "trust": 0.8,
        "url": "https://www.advantech.com/industrial-automation/webaccess/webaccessscada"
      },
      {
        "title": "Patch for Advantech WebAccess SCADA Authorization Issue Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/294866"
      },
      {
        "title": "Advantech WebAccess Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166092"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-862",
        "trust": 1.1
      },
      {
        "problemtype": "Lack of authentication (CWE-862) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-38431"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97189148/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-285-01"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3440"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021101311"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/862.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-26T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "date": "2021-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "date": "2021-10-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "date": "2022-09-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "date": "2021-10-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "date": "2021-10-15T13:15:07.533000",
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-18T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-80268"
      },
      {
        "date": "2021-10-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-397681"
      },
      {
        "date": "2021-10-20T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-38431"
      },
      {
        "date": "2022-09-27T05:34:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      },
      {
        "date": "2021-10-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      },
      {
        "date": "2021-10-20T15:12:45.713000",
        "db": "NVD",
        "id": "CVE-2021-38431"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Advantech\u00a0WebAccess\u00a0SCADA\u00a0 Vulnerability regarding lack of authentication in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-013738"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-926"
      }
    ],
    "trust": 0.6
  }
}

var-201805-1143
Vulnerability from variot

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a web browser-based Network Management System (NMS) suite. A stack buffer overflow vulnerability exists in several Advantech products.



{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "webaccess node",
        "scope": null,
        "trust": 9.8,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess scada",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess \u003c=8.2 20170817",
        "scope": null,
        "trust": 0.6,
        "vendor": "advantech",
        "version": null
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess scada node",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.1"
      },
      {
        "_id": null,
        "model": "webaccess/nms",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "\u003c=2.0.3"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.3.0"
      },
      {
        "_id": null,
        "model": "webaccess",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "8.2_20170817"
      },
      {
        "_id": null,
        "model": "webaccess dashboard",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.15"
      },
      {
        "_id": null,
        "model": "webaccess\\/nms",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "advantech",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "webaccess",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess dashboard",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess scada",
        "version": "*"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "webaccess nms",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell - Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      }
    ],
    "trust": 8.4
  },
  "cve": "CVE-2018-7499",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2018-7499",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 9.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7499",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-10713",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7499",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "ZDI",
            "id": "CVE-2018-7499",
            "trust": 9.8,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7499",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-10713",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201805-446",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within notify2.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. Advantech WebAccess and others are products of Advantech. Advantech WebAccess is a browser-based HMI/SCADA software. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. WebAccess Dashboard is one of the dashboard components; WebAccess Scada Node is one of the monitoring node components. WebAccess/NMS is a suite of web browsers for the Network Management System (NMS). A stack buffer overflow vulnerability exists in several Advantech products.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      }
    ],
    "trust": 10.44
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7499",
        "trust": 12.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-135-01",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "104190",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5691",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5694",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5698",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5700",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5684",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5686",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5682",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5662",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5693",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5681",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5695",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5663",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5683",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-5692",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517",
        "trust": 0.7
      },
      {
        "db": "IVD",
        "id": "E2F10D30-39AB-11E9-AE57-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "id": "VAR-201805-1143",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      }
    ],
    "trust": 1.4316815933333333
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      }
    ]
  },
  "last_update_date": "2024-11-29T22:46:30.150000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Advantech has issued an update to correct this vulnerability.",
        "trust": 9.8,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-135-01"
      },
      {
        "title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability (CNVD-2018-10713)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/130743"
      },
      {
        "title": "Multiple Advantech Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80056"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 12.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-135-01"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/104190"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-497",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-518",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-520",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-498",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-508",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-517",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-31T00:00:00",
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-497",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-518",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-520",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-498",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-508",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-517",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "date": "2018-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "date": "2018-05-15T22:29:00.503000",
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-516",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-519",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-523",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-525",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-509",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-511",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-507",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-497",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-518",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-506",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-520",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-498",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-508",
        "ident": null
      },
      {
        "date": "2018-05-18T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-517",
        "ident": null
      },
      {
        "date": "2018-05-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-10713",
        "ident": null
      },
      {
        "date": "2020-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201805-446",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:15.050000",
        "db": "NVD",
        "id": "CVE-2018-7499",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Advantech WebAccess Node bwtagblk Stack-based Buffer Overflow Remote Code Execution Vulnerability",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-516"
      }
    ],
    "trust": 0.7
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "e2f10d30-39ab-11e9-ae57-000c29342cb1"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201805-446"
      }
    ],
    "trust": 0.8
  }
}

cve-2021-38431
Vulnerability from cvelistv5
Published
2021-10-15 12:29
Modified
2024-09-16 18:28
Summary
An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users.
References
Impacted products
Vendor Product Version
Advantech WebAccess SCADA Version: All <= 9.0.3


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:44:22.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WebAccess SCADA",
          "vendor": "Advantech",
          "versions": [
            {
              "lessThanOrEqual": "9.0.3",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Peter Cheng from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc., reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2021-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "MISSING AUTHORIZATION CWE-862",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-15T12:29:48",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Advantech recommends users upgrade to v9.1.1 or later."
        }
      ],
      "source": {
        "advisory": "ICSA-21-285-01",
        "discovery": "UNKNOWN"
      },
      "title": "Advantech WebAccess SCADA",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2021-10-12T17:13:00.000Z",
          "ID": "CVE-2021-38431",
          "STATE": "PUBLIC",
          "TITLE": "Advantech WebAccess SCADA"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "WebAccess SCADA",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "All",
                            "version_value": "9.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Advantech"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Peter Cheng from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc., reported this vulnerability to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "MISSING AUTHORIZATION CWE-862"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-285-01"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Advantech recommends users upgrade to v9.1.1 or later."
          }
        ],
        "source": {
          "advisory": "ICSA-21-285-01",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-38431",
    "datePublished": "2021-10-15T12:29:48.409422Z",
    "dateReserved": "2021-08-10T00:00:00",
    "dateUpdated": "2024-09-16T18:28:58.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}