Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2014-2217
Vulnerability from cvelistv5
Published
2014-12-25 21:00
Modified
2024-08-06 10:06
Severity ?
EPSS score ?
Summary
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:06:00.211Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-07T00:00:00", descriptions: [ { lang: "en", value: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-12-25T21:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2217", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", refsource: "MISC", url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-2217", datePublished: "2014-12-25T21:00:00", dateReserved: "2014-02-26T00:00:00", dateUpdated: "2024-08-06T10:06:00.211Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2014-2217\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-12-25T21:59:01.657\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto en las rutas absolutas en el control RadAsyncUpload en RadControls en Telerik UI de ASP.NET AJAX anterior a Q3 2012 SP2 permite a atacantes remotos escribir en archivos arbitrarios, y consecuentemente ejecutar código arbitrario, a través del nombre de ruta completo en el valor del metadato UploadID\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:telerik:ui_for_asp.net_ajax:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2014.3.1209\",\"matchCriteriaId\":\"C9F3AA55-7CE3-4F24-99C8-E34B0870AACB\"}]}]}],\"references\":[{\"url\":\"http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}", }, }
fkie_cve-2014-2217
Vulnerability from fkie_nvd
Published
2014-12-25 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| telerik | ui_for_asp.net_ajax | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:telerik:ui_for_asp.net_ajax:*:*:*:*:*:*:*:*", matchCriteriaId: "C9F3AA55-7CE3-4F24-99C8-E34B0870AACB", versionEndIncluding: "2014.3.1209", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", }, { lang: "es", value: "Vulnerabilidad de salto en las rutas absolutas en el control RadAsyncUpload en RadControls en Telerik UI de ASP.NET AJAX anterior a Q3 2012 SP2 permite a atacantes remotos escribir en archivos arbitrarios, y consecuentemente ejecutar código arbitrario, a través del nombre de ruta completo en el valor del metadato UploadID", }, ], id: "CVE-2014-2217", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-12-25T21:59:01.657", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2014-2217
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.
Aliases
Aliases
{ GSD: { alias: "CVE-2014-2217", description: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", id: "GSD-2014-2217", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2014-2217", ], details: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", id: "GSD-2014-2217", modified: "2023-12-13T01:22:46.365208Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2217", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", refsource: "MISC", url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:telerik:ui_for_asp.net_ajax:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2014.3.1209", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2217", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", refsource: "MISC", tags: [ "Exploit", ], url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax/", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, }, lastModifiedDate: "2014-12-29T17:53Z", publishedDate: "2014-12-25T21:59Z", }, }, }
ghsa-8wc5-2r9c-cj2g
Vulnerability from github
Published
2022-05-17 04:19
Modified
2025-04-12 12:43
Details
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.
{ affected: [], aliases: [ "CVE-2014-2217", ], database_specific: { cwe_ids: [ "CWE-22", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2014-12-25T21:59:00Z", severity: "HIGH", }, details: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.", id: "GHSA-8wc5-2r9c-cj2g", modified: "2025-04-12T12:43:23Z", published: "2022-05-17T04:19:13Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-2217", }, { type: "WEB", url: "http://itq.nl/arbitrary-file-write-in-telerik-ui-for-asp-net-ajax", }, ], schema_version: "1.4.0", severity: [], }
icsa-21-077-03
Vulnerability from csaf_cisa
Published
2021-03-18 00:00
Modified
2021-03-18 00:00
Summary
Hitachi ABB Power Grids eSOMS Telerik
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to upload malicious files to the server, discover sensitive information, or execute arbitrary code.
Critical infrastructure sectors
Energy
Countries/areas deployed
Worldwide
Company headquarters location
Switzerland
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Hitachi ABB Power Grids", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to upload malicious files to the server, discover sensitive information, or execute arbitrary code.", title: "Risk evaluation", }, { category: "other", text: "Energy", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Switzerland", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-21-077-03 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-077-03.json", }, { category: "self", summary: "ICS Advisory ICSA-21-077-03 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-077-03", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Hitachi ABB Power Grids eSOMS Telerik", tracking: { current_release_date: "2021-03-18T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-077-03", initial_release_date: "2021-03-18T00:00:00.000000Z", revision_history: [ { date: "2021-03-18T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-077-03 Hitachi ABB Power Grids eSOMS Telerik ", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< 6.3 of telerik software", product: { name: "eSOMS: all versions prior to 6.3 using a version of Telerik software", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "eSOMS", }, ], category: "vendor", name: "Hitachi Energy", }, ], }, vulnerabilities: [ { cve: "CVE-2019-19790", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request.CVE-2019-19790 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19790", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2019-18935", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "summary", text: "Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known.CVE-2019-18935 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18935", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-11357", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.CVE-2017-11357 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11357", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-11317", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.CVE-2017-11317 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11317", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-9248", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.CVE-2017-9248 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9248", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2014-2217", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.CVE-2014-2217 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2217", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2014-4958", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes.CVE-2014-4958 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4958", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, ], }
ICSA-21-077-03
Vulnerability from csaf_cisa
Published
2021-03-18 00:00
Modified
2021-03-18 00:00
Summary
Hitachi ABB Power Grids eSOMS Telerik
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to upload malicious files to the server, discover sensitive information, or execute arbitrary code.
Critical infrastructure sectors
Energy
Countries/areas deployed
Worldwide
Company headquarters location
Switzerland
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{ document: { acknowledgments: [ { organization: "Hitachi ABB Power Grids", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to upload malicious files to the server, discover sensitive information, or execute arbitrary code.", title: "Risk evaluation", }, { category: "other", text: "Energy", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Switzerland", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities.", title: "Exploitability", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "ICS Advisory ICSA-21-077-03 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-077-03.json", }, { category: "self", summary: "ICS Advisory ICSA-21-077-03 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-077-03", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Hitachi ABB Power Grids eSOMS Telerik", tracking: { current_release_date: "2021-03-18T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-21-077-03", initial_release_date: "2021-03-18T00:00:00.000000Z", revision_history: [ { date: "2021-03-18T00:00:00.000000Z", legacy_version: "Initial", number: "1", summary: "ICSA-21-077-03 Hitachi ABB Power Grids eSOMS Telerik ", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< 6.3 of telerik software", product: { name: "eSOMS: all versions prior to 6.3 using a version of Telerik software", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "eSOMS", }, ], category: "vendor", name: "Hitachi Energy", }, ], }, vulnerabilities: [ { cve: "CVE-2019-19790", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request.CVE-2019-19790 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19790", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2019-18935", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "summary", text: "Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known.CVE-2019-18935 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18935", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-11357", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.CVE-2017-11357 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11357", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-11317", cwe: { id: "CWE-326", name: "Inadequate Encryption Strength", }, notes: [ { category: "summary", text: "Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code.CVE-2017-11317 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11317", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2017-9248", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.CVE-2017-9248 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9248", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2014-2217", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.CVE-2014-2217 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2217", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, { cve: "CVE-2014-4958", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, notes: [ { category: "summary", text: "Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes.CVE-2014-4958 has been assigned to this vulnerability. A CVSS v3 base score of 4.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).", title: "Vulnerability Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4958", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Hitachi ABB Power Grids has published an advisory for eSOMS Telerik and advises users to update to eSOMS Version 6.3 as soon as possible.", product_ids: [ "CSAFPID-0001", ], url: "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A8943&LanguageCode=en&DocumentPartId=&Action=Launch", }, { category: "mitigation", details: "For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For contact information, visit Hitachi ABB Power Grids contact-centers.", product_ids: [ "CSAFPID-0001", ], url: "https://www.hitachiabb-powergrids.com/contact-us/", }, { category: "mitigation", details: "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include ensuring applications and servers are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that must be evaluated case by case. Sensitive application servers should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "CSAFPID-0001", ], }, ], }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.