Vulnerability-Lookup

CNVD-2020-19255

Vulnerability from cnvd - Published: 2020-03-25

Title

Johnson Controls Kantech EntraPass输入验证错误漏洞

Description

Johnson Controls Kantech EntraPass是美国江森自控（Johnson Controls）公司的一款菜单驱动式的安防管理系统。 Johnson Controls Kantech EntraPass Corporate Edition 8.0及之前版本和Kantech EntraPass Global Edition 8.0及之前版本中的SmartService API Service选项存在输入验证错误漏洞，攻击者可利用该漏洞以系统权限执行恶意代码。

Severity

高

Patch Name

Johnson Controls Kantech EntraPass输入验证错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.johnsoncontrols.com

Reference

https://www.us-cert.gov/ics/advisories/icsa-20-070-04

Impacted products

Name
['Johnson Controls Kantech EntraPass Corporate Edition <=8.0', 'Johnson Controls Kantech EntraPass Global Edition <=8.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-7589"
    }
  },
  "description": "Johnson Controls Kantech EntraPass\u662f\u7f8e\u56fd\u6c5f\u68ee\u81ea\u63a7\uff08Johnson Controls\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u83dc\u5355\u9a71\u52a8\u5f0f\u7684\u5b89\u9632\u7ba1\u7406\u7cfb\u7edf\u3002\n\nJohnson Controls Kantech EntraPass Corporate Edition 8.0\u53ca\u4e4b\u524d\u7248\u672c\u548cKantech EntraPass Global Edition 8.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684SmartService API Service\u9009\u9879\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.johnsoncontrols.com",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-19255",
  "openTime": "2020-03-25",
  "patchDescription": "Johnson Controls Kantech EntraPass\u662f\u7f8e\u56fd\u6c5f\u68ee\u81ea\u63a7\uff08Johnson Controls\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u83dc\u5355\u9a71\u52a8\u5f0f\u7684\u5b89\u9632\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nJohnson Controls Kantech EntraPass Corporate Edition 8.0\u53ca\u4e4b\u524d\u7248\u672c\u548cKantech EntraPass Global Edition 8.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684SmartService API Service\u9009\u9879\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5\u7cfb\u7edf\u6743\u9650\u6267\u884c\u6076\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Johnson Controls Kantech EntraPass\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Johnson Controls Kantech EntraPass Corporate Edition \u003c=8.0",
      "Johnson Controls Kantech EntraPass Global Edition \u003c=8.0"
    ]
  },
  "referenceLink": "https://www.us-cert.gov/ics/advisories/icsa-20-070-04",
  "serverity": "\u9ad8",
  "submitTime": "2020-03-11",
  "title": "Johnson Controls Kantech EntraPass\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2019-7589 (GCVE-0-2019-7589)

Vulnerability from cvelistv5 – Published: 2020-03-10 19:32 – Updated: 2024-08-04 20:54

Title

Kantech EntraPass Improper Input Validation

Summary

A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20 - - Improper Input Validation

Assigner

jci

References

URL

Tags

	https://www.johnsoncontrols.com/cyber-solutions/s…	x_refsource_CONFIRM
	https://www.us-cert.gov/ics/advisories/icsa-20-070-04	third-party-advisoryx_refsource_CERT

Impacted products

Vendor

Product

Version

Johnson Controls

Kantech EntraPass Corporate Edition

Affected: versions 8.0 and prior

Johnson Controls

Kantech EntraPass Global Edition

Affected: versions 8.0 and prior

Credits

Joachim Kerschbaumer

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:54:28.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
          },
          {
            "name": "ICS-CERT Advisory",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kantech EntraPass Corporate Edition",
          "vendor": "Johnson Controls",
          "versions": [
            {
              "status": "affected",
              "version": "versions 8.0 and prior"
            }
          ]
        },
        {
          "product": "Kantech EntraPass Global Edition",
          "vendor": "Johnson Controls",
          "versions": [
            {
              "status": "affected",
              "version": "versions 8.0 and prior"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Joachim Kerschbaumer"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls\u0027 Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 - Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-10T19:32:39",
        "orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
        "shortName": "jci"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
        },
        {
          "name": "ICS-CERT Advisory",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-04"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade impacted Kantech EntraPass Global and Corporate edition software to version 8.10."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Kantech EntraPass Improper Input Validation",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productsecurity@jci.com",
          "ID": "CVE-2019-7589",
          "STATE": "PUBLIC",
          "TITLE": "Kantech EntraPass Improper Input Validation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kantech EntraPass Corporate Edition",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "versions 8.0 and prior"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Kantech EntraPass Global Edition",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "versions 8.0 and prior"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Johnson Controls"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Joachim Kerschbaumer"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls\u0027 Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 - Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories",
              "refsource": "CONFIRM",
              "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"
            },
            {
              "name": "ICS-CERT Advisory",
              "refsource": "CERT",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-20-070-04"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade impacted Kantech EntraPass Global and Corporate edition software to version 8.10."
          }
        ],
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01",
    "assignerShortName": "jci",
    "cveId": "CVE-2019-7589",
    "datePublished": "2020-03-10T19:32:39",
    "dateReserved": "2019-02-07T00:00:00",
    "dateUpdated": "2024-08-04T20:54:28.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-19255

CVE-2019-7589 (GCVE-0-2019-7589)

Tags

Sightings

Nomenclature