CNVD-2017-05116

Vulnerability from cnvd - Published: 2017-04-23
VLAI Severity ?
Title
NETGEAR ProSAFE Plus Configuration Utility不正确访问控制漏洞
Description
NetGear ProSafe是监控和配置网络的智能交换机产品。 NETGEAR ProSAFE Plus Configuration Utility存在不正确访问控制漏洞,攻击者可利用漏洞根据SOAP请求来执行交换机的配置任务。
Severity
Patch Name
NETGEAR ProSAFE Plus Configuration Utility不正确访问控制漏洞的补丁
Patch Description
NetGear ProSafe是监控和配置网络的智能交换机产品。 NETGEAR ProSAFE Plus Configuration Utility存在不正确访问控制漏洞,攻击者可利用漏洞根据SOAP请求来执行交换机的配置任务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

用户可联系供应商获得补丁信息: http://jvn.jp/en/jp/JVN08740778/

Reference
http://jvn.jp/en/jp/JVN08740778/
Impacted products
Name
NETGEAR ProSAFE Plus Configuration Utility <2.3.29
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2137"
    }
  },
  "description": "NetGear ProSafe\u662f\u76d1\u63a7\u548c\u914d\u7f6e\u7f51\u7edc\u7684\u667a\u80fd\u4ea4\u6362\u673a\u4ea7\u54c1\u3002 \r\n\r\nNETGEAR ProSAFE Plus Configuration Utility\u5b58\u5728\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6839\u636eSOAP\u8bf7\u6c42\u6765\u6267\u884c\u4ea4\u6362\u673a\u7684\u914d\u7f6e\u4efb\u52a1\u3002",
  "discovererName": "CVE-2017-2137",
  "formalWay": "\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://jvn.jp/en/jp/JVN08740778/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-05116",
  "openTime": "2017-04-23",
  "patchDescription": "NetGear ProSafe\u662f\u76d1\u63a7\u548c\u914d\u7f6e\u7f51\u7edc\u7684\u667a\u80fd\u4ea4\u6362\u673a\u4ea7\u54c1\u3002 \r\n\r\nNETGEAR ProSAFE Plus Configuration Utility\u5b58\u5728\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6839\u636eSOAP\u8bf7\u6c42\u6765\u6267\u884c\u4ea4\u6362\u673a\u7684\u914d\u7f6e\u4efb\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "NETGEAR ProSAFE Plus Configuration Utility\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "NETGEAR ProSAFE Plus Configuration Utility \u003c2.3.29"
  },
  "referenceLink": "http://jvn.jp/en/jp/JVN08740778/",
  "serverity": "\u4f4e",
  "submitTime": "2017-04-01",
  "title": "NETGEAR ProSAFE Plus Configuration Utility\u4e0d\u6b63\u786e\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.