cvelistv5 - CVE-2017-7922

CVE-2017-7922 (GCVE-0-2017-7922)

Vulnerability from cvelistv5

Published

2017-06-21 19:00

Modified

2024-08-05 16:19

Severity ?

CWE

CWE-269

Summary

References

URL

	Vendor	Product	Version
	n/a	Cambium Networks ePMP	Version: Cambium Networks ePMP

fkie_cve-2017-7922

Vulnerability from fkie_nvd

Published

2017-06-21 19:29

Modified

2025-04-20 01:37

Severity ?

7.6 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/99083	Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99083	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
cambium_networks	epmp_1000_firmware	-
cambium_networks	epmp_1000	-
cambium_networks	epmp_elevate_firmware	-
cambium_networks	epmp_elevate	-
cambium_networks	epmp_2000_firmware	-
cambium_networks	epmp_2000	-
cambium_networks	epmp_1000_hotspot_firmware	-
cambium_networks	epmp_1000_hotspot	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_1000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8AFE87-7DE5-4D09-AC45-DDD967939A37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A64386E5-D470-4D75-8DBC-1686285BE06F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_elevate_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A9AA7F-3427-412B-A3D1-0F48E5FD3394",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_elevate:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44737752-57D7-4DB3-B9F4-D7E52189F511",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_2000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B140BE5-6FD1-4588-839E-461658EC851D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C390E5-C5B7-449A-AFA1-8C746F08D7C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_1000_hotspot_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "462EBA74-3C0D-427D-8993-BAC5383D8AF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_1000_hotspot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC142E94-06B3-4C18-A281-042B66AAB51E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de gesti\u00f3n incorrecta de privilegios en Cambium Networks ePMP. Los privilegios de las cadenas de comunidad SNMP no se restringen correctamente, lo que podr\u00eda permitir que un atacante obtenga acceso a informaci\u00f3n sensible y, posiblemente, permitir cambios en la configuraci\u00f3n."
    }
  ],
  "id": "CVE-2017-7922",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-21T19:29:00.433",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.securityfocus.com/bid/99083"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.securityfocus.com/bid/99083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-jhjv-8qfc-cgj4

Vulnerability from github

Published

2022-05-13 01:36

Modified

2022-05-13 01:36

Severity ?

7.6 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7922"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-21T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.",
  "id": "GHSA-jhjv-8qfc-cgj4",
  "modified": "2022-05-13T01:36:14Z",
  "published": "2022-05-13T01:36:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7922"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2017-14371

Vulnerability from cnvd

Title

Cambium Networks ePMP权限提升漏洞

Description

Cambium Networks ePMP是美国Cambium Networks公司的一套无线网络接入平台。该平台提供视频监控、Wi-Fi热点和传感器连接等功能。 Cambium Networks ePMP中存在权限提升漏洞，该漏洞源于对SNMP community字符串程序未能正确的限制权限。攻击者可利用该漏洞获取敏感信息的访问权限或可能更改配置。

Severity

中

Patch Name

Cambium Networks ePMP权限提升漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.cambiumnetworks.com/

Reference

http://www.securityfocus.com/bid/99083

Impacted products

Name
Cambium Networks ePMP 1000

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99083"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7922"
    }
  },
  "description": "Cambium Networks ePMP\u662f\u7f8e\u56fdCambium Networks\u516c\u53f8\u7684\u4e00\u5957\u65e0\u7ebf\u7f51\u7edc\u63a5\u5165\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u89c6\u9891\u76d1\u63a7\u3001Wi-Fi\u70ed\u70b9\u548c\u4f20\u611f\u5668\u8fde\u63a5\u7b49\u529f\u80fd\u3002\r\n\r\nCambium Networks ePMP\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9SNMP community\u5b57\u7b26\u4e32\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9650\u5236\u6743\u9650\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u53ef\u80fd\u66f4\u6539\u914d\u7f6e\u3002",
  "discovererName": "Karn Ganeshen",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.cambiumnetworks.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-14371",
  "openTime": "2017-07-13",
  "patchDescription": "Cambium Networks ePMP\u662f\u7f8e\u56fdCambium Networks\u516c\u53f8\u7684\u4e00\u5957\u65e0\u7ebf\u7f51\u7edc\u63a5\u5165\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u89c6\u9891\u76d1\u63a7\u3001Wi-Fi\u70ed\u70b9\u548c\u4f20\u611f\u5668\u8fde\u63a5\u7b49\u529f\u80fd\u3002\r\n\r\nCambium Networks ePMP\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9SNMP community\u5b57\u7b26\u4e32\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u7684\u9650\u5236\u6743\u9650\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u53ef\u80fd\u66f4\u6539\u914d\u7f6e\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cambium Networks ePMP\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cambium Networks ePMP 1000"
  },
  "referenceLink": "http://www.securityfocus.com/bid/99083",
  "serverity": "\u4e2d",
  "submitTime": "2017-06-22",
  "title": "Cambium Networks ePMP\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

gsd-2017-7922

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-7922

Aliases

CVE-2017-7922

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7922",
    "description": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.",
    "id": "GSD-2017-7922"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7922"
      ],
      "details": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.",
      "id": "GSD-2017-7922",
      "modified": "2023-12-13T01:21:06.264722Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-7922",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cambium Networks ePMP",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cambium Networks ePMP"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-269"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "99083",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99083"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_elevate_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_elevate:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_2000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_2000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_hotspot_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000_hotspot:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7922"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
            },
            {
              "name": "99083",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.securityfocus.com/bid/99083"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 4.7
        }
      },
      "lastModifiedDate": "2019-10-09T23:29Z",
      "publishedDate": "2017-06-21T19:29Z"
    }
  }
}

An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes. Cambium Networks ePMP Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cambium Networks ePMP is a wireless network access platform from Cambium Networks of the United States. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. Exploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0664",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "epmp 1000 hotspot",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp elevate",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 2000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000 hotspot",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 2000",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp elevate",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "networks epmp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cambium",
        "version": "1000"
      },
      {
        "model": "networks epmp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cambium",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 1000",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp elevate",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 2000",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 1000 hotspot",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:cambium_networks:epmp_1000_hotspot_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cambium_networks:epmp_1000_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cambium_networks:epmp_2000_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cambium_networks:epmp_elevate_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Karn Ganeshen",
    "sources": [
      {
        "db": "BID",
        "id": "99083"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-7922",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2017-7922",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2017-14371",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-116125",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-7922",
            "impactScore": 4.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-7922",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-7922",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-14371",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-1048",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-116125",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes. Cambium Networks ePMP Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cambium Networks ePMP is a wireless network access platform from Cambium Networks of the United States. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. \nExploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7922",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-166-01",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "99083",
        "trust": 2.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "7E18F705-06A8-4D57-9A91-41D9EB777AD5",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "id": "VAR-201706-0664",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      }
    ],
    "trust": 1.79285713
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:30:46.512000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.cambiumnetworks.com/"
      },
      {
        "title": "Cambium Networks ePMP Privilege Escalation Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/98072"
      },
      {
        "title": "Cambium Networks ePMP Fixes for permissions and access control issues vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100393"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-269",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-166-01"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/99083"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7922"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7922"
      },
      {
        "trust": 0.3,
        "url": "http://www.cambiumnetworks.com/products/access/epmp-1000/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-13T00:00:00",
        "db": "IVD",
        "id": "7e18f705-06a8-4d57-9a91-41d9eb777ad5"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "date": "2017-06-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "date": "2017-06-14T00:00:00",
        "db": "BID",
        "id": "99083"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "date": "2017-04-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "date": "2017-06-21T19:29:00.433000",
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14371"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116125"
      },
      {
        "date": "2017-06-14T00:00:00",
        "db": "BID",
        "id": "99083"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      },
      {
        "date": "2024-11-21T03:32:58.280000",
        "db": "NVD",
        "id": "CVE-2017-7922"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cambium Networks ePMP Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005033"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1048"
      }
    ],
    "trust": 0.6
  }
}

ICSA-17-166-01

Vulnerability from csaf_cisa

Published

2017-06-15 00:00

Modified

2017-06-15 00:00

Summary

Cambium Networks ePMP

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Countries/areas deployed

Worldwide

Company headquarters location

Rolling Meadows, Illinois

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

Exploits that target these vulnerabilities are publicly available.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Karn Ganeshen"
        ],
        "summary": "identifying these vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Rolling Meadows, Illinois",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "Exploits that target these vulnerabilities are publicly available.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-166-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      }
    ],
    "title": "Cambium Networks ePMP",
    "tracking": {
      "current_release_date": "2017-06-15T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-166-01",
      "initial_release_date": "2017-06-15T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-15T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-166-01 Cambium Networks ePMP"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ePMP: All Models",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "ePMP"
          }
        ],
        "category": "vendor",
        "name": "Cambium Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7918",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.CVE-2017-7918 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7918"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-7922",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.CVE-2017-7922 has been assigned to this vulnerability. A CVSS v3 base score of 7.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7922"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

icsa-17-166-01

Vulnerability from csaf_cisa

Published

2017-06-15 00:00

Modified

2017-06-15 00:00

Summary

Cambium Networks ePMP

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Countries/areas deployed

Worldwide

Company headquarters location

Rolling Meadows, Illinois

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

Exploitability

Exploits that target these vulnerabilities are publicly available.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Karn Ganeshen"
        ],
        "summary": "identifying these vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Rolling Meadows, Illinois",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "Exploits that target these vulnerabilities are publicly available.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-166-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      }
    ],
    "title": "Cambium Networks ePMP",
    "tracking": {
      "current_release_date": "2017-06-15T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-166-01",
      "initial_release_date": "2017-06-15T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-15T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-166-01 Cambium Networks ePMP"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ePMP: All Models",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "ePMP"
          }
        ],
        "category": "vendor",
        "name": "Cambium Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7918",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.CVE-2017-7918 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7918"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-7922",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.CVE-2017-7922 has been assigned to this vulnerability. A CVSS v3 base score of 7.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7922"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-7922 (GCVE-0-2017-7922)

Vulnerability from cvelistv5

fkie_cve-2017-7922

Vulnerability from fkie_nvd

ghsa-jhjv-8qfc-cgj4

Vulnerability from github

cnvd-2017-14371

Vulnerability from cnvd

gsd-2017-7922

Vulnerability from gsd

var-201706-0664

Vulnerability from variot

ICSA-17-166-01

Vulnerability from csaf_cisa

icsa-17-166-01

Vulnerability from csaf_cisa

Tags

Sightings

Nomenclature