cvelistv5 - CVE-2017-5155

CVE-2017-5155 (GCVE-0-2017-5155)

Vulnerability from cvelistv5

Published

2017-02-13 21:00

Modified

2024-08-05 14:55

Severity ?

CWE

Schneider Electric Wonderware Historian default passwords

Summary

References

URL

	Vendor	Product	Version
	n/a	Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier	Version: Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier

ghsa-m6f8-wj73-mhfj

Vulnerability from github

Published

2022-05-13 01:46

Modified

2025-04-20 03:32

Severity ?

7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5155"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-02-13T21:59:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.",
  "id": "GHSA-m6f8-wj73-mhfj",
  "modified": "2025-04-20T03:32:49Z",
  "published": "2022-05-13T01:46:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5155"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01"
    },
    {
      "type": "WEB",
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/95766"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037808"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well. Schneider Electric Wonderware Historian is a set of industrial data management software from Schneider Electric that combines high-speed data acquisition storage systems with traditional relational database management systems. A remote attacker could exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. The vulnerability is caused by the program using insecure default passwords

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0676",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wonderware historian",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "schneider electric",
        "version": "2014_r2_sp1_p01"
      },
      {
        "model": "wonderware historian",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "2014 r2 sp1 p01"
      },
      {
        "model": "wonderware historian r2 sp1 p01",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "schneider electric",
        "version": "\u003c=2014"
      },
      {
        "model": "wonderware historian r2 sp1 p01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "2014"
      },
      {
        "model": "wonderware historian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "0"
      },
      {
        "model": "2014 r2 sp1 p01",
        "scope": null,
        "trust": 0.2,
        "vendor": "wonderware historian",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:schneider_electric:wonderware_historian",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ruslan Habalov and Jan Bee of the Google ISA Assessments Team.",
    "sources": [
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-5155",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-5155",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-01759",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "195abc78-1252-4e75-8ed2-fea0f775fa46",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-113358",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-5155",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5155",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5155",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-01759",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201702-272",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "195abc78-1252-4e75-8ed2-fea0f775fa46",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113358",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well. Schneider Electric Wonderware Historian is a set of industrial data management software from Schneider Electric that combines high-speed data acquisition storage systems with traditional relational database management systems. A remote attacker could exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. The vulnerability is caused by the program using insecure default passwords",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5155",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-024-01",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "95766",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1037808",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "195ABC78-1252-4E75-8ED2-FEA0F775FA46",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "id": "VAR-201702-0676",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      }
    ],
    "trust": 1.7333333
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:41:47.234000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LFSEC00000115",
        "trust": 0.8,
        "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
      },
      {
        "title": "Schneider Electric Wonderware Historian Unauthorized Access Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/89596"
      },
      {
        "title": "Schneider Electric Wonderware Historian Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67557"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-1188",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-024-01"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/95766"
      },
      {
        "trust": 1.7,
        "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1037808"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5155"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5155"
      },
      {
        "trust": 0.3,
        "url": "www.controlmicrosystems.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "db": "BID",
        "id": "95766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-22T00:00:00",
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "date": "2017-02-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "date": "2017-02-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "date": "2017-01-24T00:00:00",
        "db": "BID",
        "id": "95766"
      },
      {
        "date": "2017-04-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "date": "2017-01-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "date": "2017-02-13T21:59:02.737000",
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-02-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113358"
      },
      {
        "date": "2017-02-02T01:01:00",
        "db": "BID",
        "id": "95766"
      },
      {
        "date": "2017-04-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002220"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      },
      {
        "date": "2024-11-21T03:27:09.980000",
        "db": "NVD",
        "id": "CVE-2017-5155"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Schneider Electric Wonderware Historian Unauthorized Access Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "195abc78-1252-4e75-8ed2-fea0f775fa46"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-01759"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201702-272"
      }
    ],
    "trust": 0.6
  }
}

ICSA-17-024-01

Vulnerability from csaf_cisa

Published

2017-01-24 00:00

Modified

2017-01-24 00:00

Summary

Schneider Electric Wonderware Historian

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/Low skill level to exploit

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. Low skill level is needed to exploit.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Ruslan Habalov",
          "Jan Bee"
        ],
        "organization": "the Google ISA Assessments Team",
        "summary": "discovering this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/Low skill level to exploit",
        "title": "Risk evaluation"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. Low skill level is needed to exploit.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-024-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-024-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-024-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-024-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-024-01"
      }
    ],
    "title": "Schneider Electric Wonderware Historian",
    "tracking": {
      "current_release_date": "2017-01-24T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-024-01",
      "initial_release_date": "2017-01-24T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-01-24T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-024-01 Schneider Electric Wonderware Historian "
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c SP1 P01",
                "product": {
                  "name": "Wonderware Historian 2014 R2: SP1 P01 and earlier",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Wonderware Historian 2014 R2"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5155",
      "cwe": {
        "id": "CWE-118",
        "name": "Incorrect Access of Indexable Resource (\u0027Range Error\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.CVE-2017-5155 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5155"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Identify where the logins are used. Some likely places for the logins to have been used are: Wonderware Historian Client, Wonderware InTouch and Application Object scripts, Wonderware Information Server configuration, and Custom applications not supplied by Schneider Electric that interact with Historian data.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Logins that are not used should be disabled from the SQL Server Management Studio.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For logins that are still in use, the passwords should be changed from the default.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For an increased level of security, Schneider Electric and Microsoft further advise that connectivity to SQL Server be accomplished with Windows Integrated Security as opposed to using native SQL logins.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

icsa-17-024-01

Vulnerability from csaf_cisa

Published

2017-01-24 00:00

Modified

2017-01-24 00:00

Summary

Schneider Electric Wonderware Historian

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

ATTENTION: Remotely exploitable/Low skill level to exploit

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Exploitability

No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. Low skill level is needed to exploit.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Ruslan Habalov",
          "Jan Bee"
        ],
        "organization": "the Google ISA Assessments Team",
        "summary": "discovering this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/Low skill level to exploit",
        "title": "Risk evaluation"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability. This vulnerability is not remotely exploitable. Low skill level is needed to exploit.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-024-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-024-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-024-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-024-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-024-01"
      }
    ],
    "title": "Schneider Electric Wonderware Historian",
    "tracking": {
      "current_release_date": "2017-01-24T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-024-01",
      "initial_release_date": "2017-01-24T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-01-24T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-024-01 Schneider Electric Wonderware Historian "
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c SP1 P01",
                "product": {
                  "name": "Wonderware Historian 2014 R2: SP1 P01 and earlier",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Wonderware Historian 2014 R2"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5155",
      "cwe": {
        "id": "CWE-118",
        "name": "Incorrect Access of Indexable Resource (\u0027Range Error\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.CVE-2017-5155 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5155"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Identify where the logins are used. Some likely places for the logins to have been used are: Wonderware Historian Client, Wonderware InTouch and Application Object scripts, Wonderware Information Server configuration, and Custom applications not supplied by Schneider Electric that interact with Historian data.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Logins that are not used should be disabled from the SQL Server Management Studio.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For logins that are still in use, the passwords should be changed from the default.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For an increased level of security, Schneider Electric and Microsoft further advise that connectivity to SQL Server be accomplished with Windows Integrated Security as opposed to using native SQL logins.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

gsd-2017-5155

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-5155

Aliases

CVE-2017-5155

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5155",
    "description": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.",
    "id": "GSD-2017-5155"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5155"
      ],
      "details": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.",
      "id": "GSD-2017-5155",
      "modified": "2023-12-13T01:21:13.505072Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-5155",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Schneider Electric Wonderware Historian default passwords"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01"
          },
          {
            "name": "1037808",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037808"
          },
          {
            "name": "95766",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/95766"
          },
          {
            "name": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/",
            "refsource": "CONFIRM",
            "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:wonderware_historian:2014_r2_sp1_p01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-5155"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-1188"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01",
              "refsource": "MISC",
              "tags": [
                "Mitigation",
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01"
            },
            {
              "name": "95766",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/95766"
            },
            {
              "name": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
            },
            {
              "name": "1037808",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1037808"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-02-13T21:59Z"
    }
  }
}

fkie_cve-2017-5155

Vulnerability from fkie_nvd

Published

2017-02-13 21:59

Modified

2025-04-20 01:37

Severity ?

7.3 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/	Vendor Advisory
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/95766	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	http://www.securitytracker.com/id/1037808
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01	Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/95766	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037808
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01	Mitigation, Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	schneider-electric	wonderware_historian	2014_r2_sp1_p01

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:wonderware_historian:2014_r2_sp1_p01:*:*:*:*:*:*:*",
              "matchCriteriaId": "E563B308-C7FF-428B-A6E8-4528FD27E8B7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier. Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well."
    },
    {
      "lang": "es",
      "value": "Ha sido descubierto un problema en Schneider Electric Wonderware Historian 2014 R2 SP1 P01 y versiones anteriores. Wonderware Historian crea inicios de sesi\u00f3n con contrase\u00f1as predeterminadas, lo que puede permitir que una entidad maliciosa comprometer las bases de datos de Historian. En algunos escenarios de instalaci\u00f3n, los recursos adem\u00e1s de los creados por Wonderware Historian tambi\u00e9n pueden verse comprometidos."
    }
  ],
  "id": "CVE-2017-5155",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-02-13T21:59:02.737",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95766"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://www.securitytracker.com/id/1037808"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000115/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/95766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-024-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1188"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cnvd-2017-01759

Vulnerability from cnvd

Title

Schneider Electric Wonderware Historian未授权访问漏洞

Description

Schneider Electric Wonderware Historian是法国施耐德电气（Schneider Electric）公司的一套用于将高速数据采集存储系统与传统的关系数据库管理系统相结合的工业数据管理软件。 Schneider Electric Wonderware Historian 2014 R2 SP1 P01及之前的版本中存在未授权访问漏洞，由于程序使用不安全的默认密码。远程攻击者可利用该漏洞获取未授权的访问权限，执行未授权操作。

Severity

中

Patch Name

Schneider Electric Wonderware Historian未授权访问漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://www.schneider-electric.com/

Reference

http://www.securityfocus.com/bid/95766

Impacted products

Name
Schneider-Electric Wonderware Historian <=2014 R2 SP1 P01

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95766"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5155",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5155"
    }
  },
  "description": "Schneider Electric Wonderware Historian\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u5c06\u9ad8\u901f\u6570\u636e\u91c7\u96c6\u5b58\u50a8\u7cfb\u7edf\u4e0e\u4f20\u7edf\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u76f8\u7ed3\u5408\u7684\u5de5\u4e1a\u6570\u636e\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nSchneider Electric Wonderware Historian 2014 R2 SP1 P01\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e0d\u5b89\u5168\u7684\u9ed8\u8ba4\u5bc6\u7801\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "discovererName": "Ruslan Habalov and Jan Bee of the Google ISA Assessments Team",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.schneider-electric.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-01759",
  "openTime": "2017-02-22",
  "patchDescription": "Schneider Electric Wonderware Historian\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u5c06\u9ad8\u901f\u6570\u636e\u91c7\u96c6\u5b58\u50a8\u7cfb\u7edf\u4e0e\u4f20\u7edf\u7684\u5173\u7cfb\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u76f8\u7ed3\u5408\u7684\u5de5\u4e1a\u6570\u636e\u7ba1\u7406\u8f6f\u4ef6\u3002 \r\n\r\nSchneider Electric Wonderware Historian 2014 R2 SP1 P01\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u4f7f\u7528\u4e0d\u5b89\u5168\u7684\u9ed8\u8ba4\u5bc6\u7801\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\uff0c\u6267\u884c\u672a\u6388\u6743\u64cd\u4f5c\u3002",
  "patchName": "Schneider Electric Wonderware Historian\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider-Electric Wonderware Historian \u003c=2014 R2 SP1 P01"
  },
  "referenceLink": "http://www.securityfocus.com/bid/95766",
  "serverity": "\u4e2d",
  "submitTime": "2017-02-14",
  "title": "Schneider Electric Wonderware Historian\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-5155 (GCVE-0-2017-5155)

Vulnerability from cvelistv5

ghsa-m6f8-wj73-mhfj

Vulnerability from github

var-201702-0676

Vulnerability from variot

ICSA-17-024-01

Vulnerability from csaf_cisa

icsa-17-024-01

Vulnerability from csaf_cisa

gsd-2017-5155

Vulnerability from gsd

fkie_cve-2017-5155

Vulnerability from fkie_nvd

cnvd-2017-01759

Vulnerability from cnvd

Tags

Sightings

Nomenclature