var-201405-0535
Vulnerability from variot
GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. Authentication is not required to exploit this vulnerability.The specific flaw exists within the EvalExpresssion method, which is available remotely through the AJAX facility. Using this method, it is possible to execute arbitrary Gamma code. Cogent DataHub is software for SCADA and automation. Versions prior to Cogent DataHub 7.3.5 are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.3.1"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.3.0"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.2.2"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.2"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.1.63"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.1"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.1.0"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.0.2"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.9,
"vendor": "cogentdatahub",
"version": "7.0"
},
{
"_id": null,
"model": "datahub",
"scope": null,
"trust": 1.4,
"vendor": "cogent real time",
"version": null
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.3"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.2"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "lte",
"trust": 1.0,
"vendor": "cogentdatahub",
"version": "7.3.4"
},
{
"_id": null,
"model": "datahub",
"scope": "lt",
"trust": 0.8,
"vendor": "cogent real time",
"version": "7.3.5"
},
{
"_id": null,
"model": "real-time systems cogent datahub",
"scope": null,
"trust": 0.6,
"vendor": "cogent",
"version": null
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 0.6,
"vendor": "cogentdatahub",
"version": "7.3.4"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.0.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.1.63"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.1.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.2.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "7.3.3"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "cogent datahub",
"version": "*"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7.3.8"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "eq",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7"
},
{
"_id": null,
"model": "cogent datahub",
"scope": "ne",
"trust": 0.3,
"vendor": "cogentdatahub",
"version": "7.3.9"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cogentdatahub:cogent_datahub",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
}
]
},
"credits": {
"_id": null,
"data": "John Leitch",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "BID",
"id": "67486"
}
],
"trust": 1.0
},
"cve": "CVE-2014-3789",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3789",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 3.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-03106",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "CVE-2014-3789",
"trust": 1.4,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3789",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-3789",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-03106",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-459",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"description": {
"_id": null,
"data": "GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GetPermissions.asp component of the web server. Authentication is not required to exploit this vulnerability.The specific flaw exists within the EvalExpresssion method, which is available remotely through the AJAX facility. Using this method, it is possible to execute arbitrary Gamma code. Cogent DataHub is software for SCADA and automation. \nVersions prior to Cogent DataHub 7.3.5 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3789"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 4.32
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-3789",
"trust": 5.4
},
{
"db": "ZDI",
"id": "ZDI-14-136",
"trust": 4.0
},
{
"db": "BID",
"id": "67486",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-246-01",
"trust": 1.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-01",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-03106",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2160",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2981",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-15-438",
"trust": 0.7
},
{
"db": "BID",
"id": "76614",
"trust": 0.3
},
{
"db": "IVD",
"id": "7D7A6CD1-463F-11E9-B51A-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "F6F85540-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"id": "VAR-201405-0535",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
}
],
"trust": 1.72033408
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
}
]
},
"last_update_date": "2024-11-23T23:09:23.057000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Release Notes",
"trust": 1.5,
"url": "http://cogentdatahub.com/ReleaseNotes.html"
},
{
"title": "Cogent Real-Time Systems has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-01"
},
{
"title": "Cogent Real-Time Systems DataHub \u0027GetPermissions.asp\u0027 patch for remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/45728"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-14-136/"
},
{
"trust": 2.6,
"url": "http://cogentdatahub.com/releasenotes.html"
},
{
"trust": 2.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-246-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/67486"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3789"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3789"
},
{
"trust": 0.3,
"url": "http://www.cogentdatahub.com/index.html"
},
{
"trust": 0.3,
"url": "http://cogentdatahub.com/index.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-136"
},
{
"db": "ZDI",
"id": "ZDI-15-438"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
},
{
"db": "NVD",
"id": "CVE-2014-3789"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"ident": null
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-14-136",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-438",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2014-03106",
"ident": null
},
{
"db": "BID",
"id": "67486",
"ident": null
},
{
"db": "BID",
"id": "76614",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002621",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-3789",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1",
"ident": null
},
{
"date": "2014-05-22T00:00:00",
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2014-05-19T00:00:00",
"db": "ZDI",
"id": "ZDI-14-136",
"ident": null
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-438",
"ident": null
},
{
"date": "2014-05-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03106",
"ident": null
},
{
"date": "2014-05-19T00:00:00",
"db": "BID",
"id": "67486",
"ident": null
},
{
"date": "2015-09-03T00:00:00",
"db": "BID",
"id": "76614",
"ident": null
},
{
"date": "2014-05-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002621",
"ident": null
},
{
"date": "2014-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-459",
"ident": null
},
{
"date": "2014-05-22T23:55:03.767000",
"db": "NVD",
"id": "CVE-2014-3789",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-05-19T00:00:00",
"db": "ZDI",
"id": "ZDI-14-136",
"ident": null
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-438",
"ident": null
},
{
"date": "2014-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03106",
"ident": null
},
{
"date": "2015-03-19T09:10:00",
"db": "BID",
"id": "67486",
"ident": null
},
{
"date": "2015-09-03T00:00:00",
"db": "BID",
"id": "76614",
"ident": null
},
{
"date": "2014-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002621",
"ident": null
},
{
"date": "2014-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-459",
"ident": null
},
{
"date": "2024-11-21T02:08:50.237000",
"db": "NVD",
"id": "CVE-2014-3789",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "network",
"sources": [
{
"db": "BID",
"id": "67486"
},
{
"db": "BID",
"id": "76614"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Cogent Real-Time Systems DataHub \u0027GetPermissions.asp\u0027 Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03106"
},
{
"db": "BID",
"id": "67486"
}
],
"trust": 1.3
},
"type": {
"_id": null,
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "7d7a6cd1-463f-11e9-b51a-000c29342cb1"
},
{
"db": "IVD",
"id": "f6f85540-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-459"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.