Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by Ice Qube

    VAR-201809-0055

    Vulnerability from variot - Updated: 2023-12-18 13:08

    In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information. Ice Qube Thermal Management Center Contains an authentication vulnerability.Information may be obtained. The program includes email notifications, remote management, LCD display and temperature alarms. Attackers may exploit these issues to gain unauthorized access to the affected device or to obtain sensitive information that may aid in launching further attacks

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0055",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "thermal management center",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "iceqube",
            "version": "4.13"
          },
          {
            "model": "thermal management center",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "ice qube",
            "version": "4.13"
          },
          {
            "model": "qube thermal management center",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "ice",
            "version": "4.13"
          },
          {
            "model": "qube thermal management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ice",
            "version": "0"
          },
          {
            "model": "qube thermal management center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ice",
            "version": "4.13"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "thermal management center",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:iceqube:thermal_management_center_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.13",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:iceqube:thermal_management_center:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Maxim Rupp",
        "sources": [
          {
            "db": "BID",
            "id": "105303"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-14026",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-14026",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-18145",
                "impactScore": 8.5,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1",
                "impactScore": 8.5,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-14026",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-14026",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-18145",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201708-1249",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "IVD",
                "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1",
                "trust": 0.2,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information. Ice Qube Thermal Management Center Contains an authentication vulnerability.Information may be obtained. The program includes email notifications, remote management, LCD display and temperature alarms. \nAttackers may exploit these issues to gain unauthorized access to the affected device or to obtain sensitive information that may aid in launching further attacks",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-14026",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-249-01",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "105303",
            "trust": 1.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F971A2-39AB-11E9-9F8B-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "id": "VAR-201809-0055",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          }
        ],
        "trust": 1.6333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:22.071000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Thermal Management",
            "trust": 0.8,
            "url": "https://www.iceqube.com/options-accessories/thermal-management/"
          },
          {
            "title": "Ice Qube Thermal Management Center authentication bypass vulnerability patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/139787"
          },
          {
            "title": "Ice Qube Thermal Management Center Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100012"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-249-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/105303"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14026"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14026"
          },
          {
            "trust": 0.3,
            "url": "https://www.iceqube.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-10T00:00:00",
            "db": "IVD",
            "id": "e2f971a2-39ab-11e9-9f8b-000c29342cb1"
          },
          {
            "date": "2018-10-25T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "date": "2018-09-06T00:00:00",
            "db": "BID",
            "id": "105303"
          },
          {
            "date": "2018-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "date": "2018-09-06T19:29:00.253000",
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "date": "2017-08-31T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-18145"
          },
          {
            "date": "2018-09-06T00:00:00",
            "db": "BID",
            "id": "105303"
          },
          {
            "date": "2018-12-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          },
          {
            "date": "2019-10-09T23:23:45.483000",
            "db": "NVD",
            "id": "CVE-2017-14026"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ice Qube Thermal Management Center Authentication vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014267"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201708-1249"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201809-0032

    Vulnerability from variot - Updated: 2023-12-18 13:08

    In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication. Ice Qube Thermal Management Center Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Ice Qube Thermal Management Center is a thermal management application from Ice Qube, USA. The program includes email notifications, remote management, LCD display and temperature alarms. An attacker could exploit this vulnerability to obtain sensitive information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0032",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "thermal management center",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "iceqube",
            "version": "4.13"
          },
          {
            "model": "thermal management center",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "ice qube",
            "version": "4.13"
          },
          {
            "model": "qube thermal management center",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "ice",
            "version": "4.13"
          },
          {
            "model": "qube thermal management center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ice",
            "version": "0"
          },
          {
            "model": "qube thermal management center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ice",
            "version": "4.13"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "thermal management center",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:iceqube:thermal_management_center_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "4.13",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:iceqube:thermal_management_center:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Maxim Rupp",
        "sources": [
          {
            "db": "BID",
            "id": "105303"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2017-16714",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.0,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2017-16714",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2018-18113",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "e2f92381-39ab-11e9-89b7-000c29342cb1",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2017-16714",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2017-16714",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2018-18113",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201809-308",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "e2f92381-39ab-11e9-89b7-000c29342cb1",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication. Ice Qube Thermal Management Center Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Ice Qube Thermal Management Center is a thermal management application from Ice Qube, USA. The program includes email notifications, remote management, LCD display and temperature alarms. An attacker could exploit this vulnerability to obtain sensitive information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2017-16714",
            "trust": 3.5
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-18-249-01",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "105303",
            "trust": 1.9
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266",
            "trust": 0.8
          },
          {
            "db": "IVD",
            "id": "E2F92381-39AB-11E9-89B7-000C29342CB1",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "id": "VAR-201809-0032",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          }
        ],
        "trust": 1.6333333
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          }
        ]
      },
      "last_update_date": "2023-12-18T13:08:22.037000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Thermal Management",
            "trust": 0.8,
            "url": "https://www.iceqube.com/options-accessories/thermal-management/"
          },
          {
            "title": "Ice Qube Thermal Management Center Information Disclosure Vulnerability Patch",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/139771"
          },
          {
            "title": "Ice Qube Thermal Management Center Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84629"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-522",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-255",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.3,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-249-01"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/105303"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16714"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-16714"
          },
          {
            "trust": 0.3,
            "url": "https://www.iceqube.com/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "db": "BID",
            "id": "105303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-10T00:00:00",
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "date": "2018-09-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "date": "2018-09-06T00:00:00",
            "db": "BID",
            "id": "105303"
          },
          {
            "date": "2018-12-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "date": "2018-09-06T19:29:00.377000",
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "date": "2018-09-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2018-09-10T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          },
          {
            "date": "2018-09-06T00:00:00",
            "db": "BID",
            "id": "105303"
          },
          {
            "date": "2018-12-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2017-014266"
          },
          {
            "date": "2019-10-09T23:25:13.643000",
            "db": "NVD",
            "id": "CVE-2017-16714"
          },
          {
            "date": "2019-10-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ice Qube Thermal Management Center Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "e2f92381-39ab-11e9-89b7-000c29342cb1"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2018-18113"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201809-308"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2017-16714 (GCVE-0-2017-16714)

    Vulnerability from cvelistv5 – Published: 2018-09-06 19:00 – Updated: 2024-09-17 01:51
    VLAI
    Summary
    In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication.
    Severity
    No CVSS data available.
    CWE
    • CWE-256 - UNPROTECTED STORAGE OF CREDENTIALS CWE-256
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ice Qube Thermal Management Center Affected: All versions prior to version 4.13
    Create a notification for this product.
    Date Public
    2018-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:35:20.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
              },
              {
                "name": "105303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105303"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Thermal Management Center",
              "vendor": "Ice Qube",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 4.13"
                }
              ]
            }
          ],
          "datePublic": "2018-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-256",
                  "description": "UNPROTECTED STORAGE OF CREDENTIALS CWE-256",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-11T09:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
            },
            {
              "name": "105303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105303"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-09-06T00:00:00",
              "ID": "CVE-2017-16714",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Thermal Management Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 4.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ice Qube"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "UNPROTECTED STORAGE OF CREDENTIALS CWE-256"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
                },
                {
                  "name": "105303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105303"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2017-16714",
        "datePublished": "2018-09-06T19:00:00.000Z",
        "dateReserved": "2017-11-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:51:12.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14026 (GCVE-0-2017-14026)

    Vulnerability from cvelistv5 – Published: 2018-09-06 19:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
    Severity
    No CVSS data available.
    CWE
    • CWE-287 - IMPROPER AUTHENTICATION CWE-287
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ice Qube Thermal Management Center Affected: All versions prior to version 4.13
    Create a notification for this product.
    Date Public
    2018-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:13:41.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
              },
              {
                "name": "105303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105303"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Thermal Management Center",
              "vendor": "Ice Qube",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 4.13"
                }
              ]
            }
          ],
          "datePublic": "2018-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "IMPROPER AUTHENTICATION CWE-287",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-11T09:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
            },
            {
              "name": "105303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105303"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-09-06T00:00:00",
              "ID": "CVE-2017-14026",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Thermal Management Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 4.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ice Qube"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "IMPROPER AUTHENTICATION CWE-287"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
                },
                {
                  "name": "105303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105303"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2017-14026",
        "datePublished": "2018-09-06T19:00:00.000Z",
        "dateReserved": "2017-08-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:57.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-16714 (GCVE-0-2017-16714)

    Vulnerability from nvd – Published: 2018-09-06 19:00 – Updated: 2024-09-17 01:51
    VLAI
    Summary
    In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication.
    Severity
    No CVSS data available.
    CWE
    • CWE-256 - UNPROTECTED STORAGE OF CREDENTIALS CWE-256
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ice Qube Thermal Management Center Affected: All versions prior to version 4.13
    Create a notification for this product.
    Date Public
    2018-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:35:20.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
              },
              {
                "name": "105303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105303"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Thermal Management Center",
              "vendor": "Ice Qube",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 4.13"
                }
              ]
            }
          ],
          "datePublic": "2018-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-256",
                  "description": "UNPROTECTED STORAGE OF CREDENTIALS CWE-256",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-11T09:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
            },
            {
              "name": "105303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105303"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-09-06T00:00:00",
              "ID": "CVE-2017-16714",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Thermal Management Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 4.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ice Qube"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "UNPROTECTED STORAGE OF CREDENTIALS CWE-256"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
                },
                {
                  "name": "105303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105303"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2017-16714",
        "datePublished": "2018-09-06T19:00:00.000Z",
        "dateReserved": "2017-11-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:51:12.158Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14026 (GCVE-0-2017-14026)

    Vulnerability from nvd – Published: 2018-09-06 19:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
    Severity
    No CVSS data available.
    CWE
    • CWE-287 - IMPROPER AUTHENTICATION CWE-287
    Assigner
    References
    Impacted products
    Vendor Product Version
    Ice Qube Thermal Management Center Affected: All versions prior to version 4.13
    Create a notification for this product.
    Date Public
    2018-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:13:41.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
              },
              {
                "name": "105303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105303"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Thermal Management Center",
              "vendor": "Ice Qube",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions prior to version 4.13"
                }
              ]
            }
          ],
          "datePublic": "2018-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "IMPROPER AUTHENTICATION CWE-287",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-11T09:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
            },
            {
              "name": "105303",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105303"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2018-09-06T00:00:00",
              "ID": "CVE-2017-14026",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Thermal Management Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions prior to version 4.13"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Ice Qube"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "IMPROPER AUTHENTICATION CWE-287"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01"
                },
                {
                  "name": "105303",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105303"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2017-14026",
        "datePublished": "2018-09-06T19:00:00.000Z",
        "dateReserved": "2017-08-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:57.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }