cvelistv5 - cve-2017-5178

CVE-2017-5178 (GCVE-0-2017-5178)

Vulnerability from cvelistv5

Published

2017-03-08 08:37

Modified

2024-08-05 14:55

Severity ?

CWE

default system account

Summary

References

URL

	Vendor	Product	Version
	n/a	Schneider Electric Wonderware Intelligence 2014R3 and prior	Version: Schneider Electric Wonderware Intelligence 2014R3 and prior

CERTFR-2017-AVI-075

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans SCADA Wonderware by Schneider Electric Tableau Server. Elle permet à un attaquant de provoquer une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Tableau Server versions 7.0 à 10.1.3 utilisés par Wonderware Intelligence versions 2014R3 et antérieures

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

ghsa-642w-w7f4-7hf9

Vulnerability from github

Published

2022-05-13 01:09

Modified

2025-04-20 03:33

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-5178"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-03-08T08:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.",
  "id": "GHSA-642w-w7f4-7hf9",
  "modified": "2025-04-20T03:33:52Z",
  "published": "2022-05-13T01:09:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5178"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01"
    },
    {
      "type": "WEB",
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/96721"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2017-5178

Vulnerability from fkie_nvd

Published

2017-03-08 08:59

Modified

2025-04-20 01:37

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/	Vendor Advisory
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/96721	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/96721	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
schneider-electric	tableau_desktop	7.0
schneider-electric	tableau_desktop	10.1.3
schneider-electric	tableau_server	7.0
schneider-electric	tableau_server	10.1.3
schneider-electric	wonderware_intelligence	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:tableau_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2353C750-C7CA-4105-9431-ADBF2679A6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:tableau_desktop:10.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E68F958-A9A7-458A-B5FD-751F573EB0EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:tableau_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0E4513-4229-4E4B-946A-A706AAA7852F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:tableau_server:10.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D068243A-F7D5-4577-BD75-A072DE93878F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:wonderware_intelligence:*:r3:*:*:*:*:*:*",
              "matchCriteriaId": "AFF847C6-9765-45C4-B914-85031B0214C7",
              "versionEndIncluding": "2014",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en Schneider Electric Tableau Server/Desktop Versions 7.0 a 10.1.3 en Wonderware Intelligence Versions 2014R3 y anteriores. Estas versiones contienen una cuenta de sistema que se instala por defecto. La cuenta de sistema por defecto es dificil de configurar sin credenciales por defecto tras la instalacci\u00f3n, y cambiar las credenciales por defecto en el Tableau Server incrustado no est\u00e1 documentado. Si Tableau Server se usa con la seguridad integrada de Windows (Active Directory), el software no es vulnerable. Sin embargo, cuando se utiliza Tableau Server con el modo de autenticaci\u00f3n local, el software es vulnerable. La cuenta de sistema por defecto puede ser usada para obtener acceso no autorizado."
    }
  ],
  "id": "CVE-2017-5178",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-03-08T08:59:00.160",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96721"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1188"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

icsa-17-066-01

Vulnerability from csaf_cisa

Published

2017-03-07 00:00

Modified

2017-03-07 00:00

Summary

ICSA-17-066-01_Schneider Electric Wonderware Intelligence

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Summary

Schneider Electric self-reported this vulnerability.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Schneider Electric",
        "summary": "self-reporting this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Schneider Electric self-reported this vulnerability.",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-066-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-066-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-066-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-066-01"
      }
    ],
    "title": "ICSA-17-066-01_Schneider Electric Wonderware Intelligence",
    "tracking": {
      "current_release_date": "2017-03-07T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA USCert CSAF Generator",
          "version": "1"
        }
      },
      "id": "ICSA-17-066-01",
      "initial_release_date": "2017-03-07T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-03-07T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-066-01 Schneider Electric Wonderware Intelligence "
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 7.0 | \u003c= 10.1.3 and Wonderware Intelligence \u003c= 2014R3 ",
                "product": {
                  "name": "Tableau Server/Desktop: Versions 7.0 to 10.1.3 included in Wonderware Intelligence Versions 2014R3 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Tableau Server/Desktop"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5178",
      "cwe": {
        "id": "CWE-1392",
        "name": "Use of Default Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Tableau Server is embedded within the Schneider Electric Wonderware Intelligence software and contains a system account that is installed by default. The default system account is difficult to modify to use non-default credentials after installation and changing the default credentials in the embedded Tableau Server is not documented. As such, Schneider Electric has released a new software version that removes the default system account in the embedded Tableau Server.If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric has released a new software version to address the identified vulnerability and recommends that users using affected versions apply Tableau Server Version 10.1.4. In addition, the Analytics Client (Tableau Desktop OEM) should also be upgraded to Version 10.1.4. Upgrading to Intelligence Server 2014 R3 is also recommended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The Schneider Electric customers using Wonderware Intelligence can login at the following support sites to download the Tableau patches:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Tableau Analytics Dashboard Server v10.1.4",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22386"
        },
        {
          "category": "mitigation",
          "details": "Tableau Analytics Client v10.1.4",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22385"
        },
        {
          "category": "mitigation",
          "details": "Wonderware Intelligence 2014 R3",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22288"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has issued Security Bulletin LFSEC00000119, which contains additional information:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://software.schneider-electric.com/support/cyber-security-updates/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2017-5178"
    }
  ]
}

ICSA-17-066-01

Vulnerability from csaf_cisa

Published

2017-03-07 00:00

Modified

2017-03-07 00:00

Summary

ICSA-17-066-01_Schneider Electric Wonderware Intelligence

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Summary

Schneider Electric self-reported this vulnerability.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Schneider Electric",
        "summary": "self-reporting this vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "summary",
        "text": "Schneider Electric self-reported this vulnerability.",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "CISAservicedesk@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-066-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-066-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-066-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-066-01"
      }
    ],
    "title": "ICSA-17-066-01_Schneider Electric Wonderware Intelligence",
    "tracking": {
      "current_release_date": "2017-03-07T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA USCert CSAF Generator",
          "version": "1"
        }
      },
      "id": "ICSA-17-066-01",
      "initial_release_date": "2017-03-07T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-03-07T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-066-01 Schneider Electric Wonderware Intelligence "
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e= 7.0 | \u003c= 10.1.3 and Wonderware Intelligence \u003c= 2014R3 ",
                "product": {
                  "name": "Tableau Server/Desktop: Versions 7.0 to 10.1.3 included in Wonderware Intelligence Versions 2014R3 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Tableau Server/Desktop"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5178",
      "cwe": {
        "id": "CWE-1392",
        "name": "Use of Default Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Tableau Server is embedded within the Schneider Electric Wonderware Intelligence software and contains a system account that is installed by default. The default system account is difficult to modify to use non-default credentials after installation and changing the default credentials in the embedded Tableau Server is not documented. As such, Schneider Electric has released a new software version that removes the default system account in the embedded Tableau Server.If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric has released a new software version to address the identified vulnerability and recommends that users using affected versions apply Tableau Server Version 10.1.4. In addition, the Analytics Client (Tableau Desktop OEM) should also be upgraded to Version 10.1.4. Upgrading to Intelligence Server 2014 R3 is also recommended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The Schneider Electric customers using Wonderware Intelligence can login at the following support sites to download the Tableau patches:",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Tableau Analytics Dashboard Server v10.1.4",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22386"
        },
        {
          "category": "mitigation",
          "details": "Tableau Analytics Client v10.1.4",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22385"
        },
        {
          "category": "mitigation",
          "details": "Wonderware Intelligence 2014 R3",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://gcsresource.invensys.com/tracking/ConfirmDownload.aspx?id=22288"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has issued Security Bulletin LFSEC00000119, which contains additional information:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://software.schneider-electric.com/support/cyber-security-updates/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2017-5178"
    }
  ]
}

gsd-2017-5178

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-5178

Aliases

CVE-2017-5178

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5178",
    "description": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.",
    "id": "GSD-2017-5178"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5178"
      ],
      "details": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.",
      "id": "GSD-2017-5178",
      "modified": "2023-12-13T01:21:13.766490Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-5178",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Schneider Electric Wonderware Intelligence 2014R3 and prior",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Schneider Electric Wonderware Intelligence 2014R3 and prior"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "default system account"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01"
          },
          {
            "name": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/",
            "refsource": "CONFIRM",
            "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
          },
          {
            "name": "96721",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/96721"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_desktop:10.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_server:10.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:wonderware_intelligence:*:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2014",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-5178"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-1188"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01"
            },
            {
              "name": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
            },
            {
              "name": "96721",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/96721"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-06-04T14:19Z",
      "publishedDate": "2017-03-08T08:59Z"
    }
  }
}

cnvd-2017-03075

Vulnerability from cnvd

Title

Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop默认凭证安全限制绕过漏洞

Description

Schneider Electric Wonderware Intelligence是法国施耐德电气（Schneider Electric）公司一套工业大数据智能管理解决方案。该解决方案对工业大数据提供可视化的查询和分析等功能。Electric Tableau Server/Desktop是其中的服务器端和桌面。 Schneider Electric Wonderware Intelligence 2014R3及之前的版本中的Schneider Electric Tableau Server/Desktop 7.0版本至10.1.3版本中存在安全漏洞。攻击者可利用该漏洞获取未授权的访问权限。

Severity

高

Patch Name

Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop默认凭证安全限制绕过漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/

Reference

https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01

Impacted products

Name
['Schneider-Electric Wonderware Intelligence Tableau Analytics Client 10.1.3', 'Schneider-Electric Wonderware Intelligence Tableau Analytics Client 7.0', 'Schneider-Electric Wonderware Intelligence Tableau Analytics Dashboard Server 10.1.3', 'Schneider-Electric Wonderware Intelligence Tableau Analytics Dashboard Server 7.0', 'Schneider-Electric Wonderware Intelligence Tableau Analytics Client 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "96721"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5178",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5178"
    }
  },
  "description": "Schneider Electric Wonderware Intelligence\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u4e00\u5957\u5de5\u4e1a\u5927\u6570\u636e\u667a\u80fd\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u89e3\u51b3\u65b9\u6848\u5bf9\u5de5\u4e1a\u5927\u6570\u636e\u63d0\u4f9b\u53ef\u89c6\u5316\u7684\u67e5\u8be2\u548c\u5206\u6790\u7b49\u529f\u80fd\u3002Electric Tableau Server/Desktop\u662f\u5176\u4e2d\u7684\u670d\u52a1\u5668\u7aef\u548c\u684c\u9762\u3002\r\n\r\nSchneider Electric Wonderware Intelligence 2014R3\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684Schneider Electric Tableau Server/Desktop 7.0\u7248\u672c\u81f310.1.3\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-03075",
  "openTime": "2017-03-22",
  "patchDescription": "Schneider Electric Wonderware Intelligence\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u4e00\u5957\u5de5\u4e1a\u5927\u6570\u636e\u667a\u80fd\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u89e3\u51b3\u65b9\u6848\u5bf9\u5de5\u4e1a\u5927\u6570\u636e\u63d0\u4f9b\u53ef\u89c6\u5316\u7684\u67e5\u8be2\u548c\u5206\u6790\u7b49\u529f\u80fd\u3002Electric Tableau Server/Desktop\u662f\u5176\u4e2d\u7684\u670d\u52a1\u5668\u7aef\u548c\u684c\u9762\u3002\r\n\r\nSchneider Electric Wonderware Intelligence 2014R3\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684Schneider Electric Tableau Server/Desktop 7.0\u7248\u672c\u81f310.1.3\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u6388\u6743\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop\u9ed8\u8ba4\u51ed\u8bc1\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Schneider-Electric Wonderware Intelligence Tableau Analytics Client 10.1.3",
      "Schneider-Electric Wonderware Intelligence Tableau Analytics Client  7.0",
      "Schneider-Electric Wonderware Intelligence Tableau Analytics Dashboard Server 10.1.3",
      "Schneider-Electric Wonderware Intelligence Tableau Analytics Dashboard Server  7.0",
      "Schneider-Electric Wonderware Intelligence Tableau Analytics Client 0"
    ]
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01",
  "serverity": "\u9ad8",
  "submitTime": "2017-03-09",
  "title": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop\u9ed8\u8ba4\u51ed\u8bc1\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e"
}

var-201703-0660

Vulnerability from variot

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access. Schneider Electric Wonderware Intelligence is a set of industrial big data intelligent management solutions from Schneider Electric. The solution provides visual query and analysis capabilities for industrial big data. Electric Tableau Server/Desktop is the server side and the desktop. This may lead to further attacks. The following products are vulnerable: Wonderware Intelligence Tableau Analytics Dashboard Server 7.0 through 10.1.3 Wonderware Intelligence Tableau Analytics Client 7.0 through 10.1.3 Versions prior to Wonderware Intelligence Wonderware Intelligence 2014 R3

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201703-0660",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tableau desktop",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "schneider electric",
        "version": "7.0"
      },
      {
        "model": "tableau server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "schneider electric",
        "version": "10.1.3"
      },
      {
        "model": "tableau server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "schneider electric",
        "version": "7.0"
      },
      {
        "model": "tableau desktop",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "schneider electric",
        "version": "10.1.3"
      },
      {
        "model": "wonderware intelligence",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "2014"
      },
      {
        "model": "wonderware intelligence tableau analytics client",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "schneider electric",
        "version": "10.1.3"
      },
      {
        "model": "wonderware intelligence tableau analytics client",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "schneider electric",
        "version": "7.0"
      },
      {
        "model": "wonderware intelligence tableau analytics dashboard server",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "schneider electric",
        "version": "10.1.3"
      },
      {
        "model": "wonderware intelligence tableau analytics dashboard server",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "schneider electric",
        "version": "7.0"
      },
      {
        "model": "tableau desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "7.0 to  10.1.3"
      },
      {
        "model": "tableau server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "7.0 to  10.1.3"
      },
      {
        "model": "wonderware intelligence",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "2014r3"
      },
      {
        "model": "wonderware intelligence tableau analytics client",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider electric",
        "version": "0"
      },
      {
        "model": "wonderware intelligence",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider electric",
        "version": "2014"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "tableau desktop",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "tableau desktop",
        "version": "10.1.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "tableau server",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "tableau server",
        "version": "10.1.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "wonderware intelligence",
        "version": "*"
      },
      {
        "model": "wonderware intelligence wonderware intelligence",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "0"
      },
      {
        "model": "wonderware intelligence wonderware intelligence r3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "2014"
      },
      {
        "model": "wonderware intelligence tableau analytics dashboard server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "10.1.4"
      },
      {
        "model": "wonderware intelligence tableau analytics client",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "10.1.4"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "BID",
        "id": "96721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:schneider_electric:tableau_desktop",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:schneider_electric:tableau_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:schneider_electric:wonderware_intelligence",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "96721"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5178",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-5178",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-03075",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "7d7feb10-463f-11e9-8e54-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-113381",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-5178",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5178",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5178",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-03075",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-353",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "7d7feb10-463f-11e9-8e54-000c29342cb1",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195",
            "trust": 0.2,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113381",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-5178",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access. Schneider Electric Wonderware Intelligence is a set of industrial big data intelligent management solutions from Schneider Electric. The solution provides visual query and analysis capabilities for industrial big data. Electric Tableau Server/Desktop is the server side and the desktop. This may lead  to further attacks. \nThe following products are vulnerable:\nWonderware Intelligence Tableau Analytics Dashboard Server 7.0 through 10.1.3\nWonderware Intelligence Tableau Analytics Client 7.0 through 10.1.3\nVersions prior to Wonderware Intelligence Wonderware Intelligence 2014 R3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "BID",
        "id": "96721"
      },
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      }
    ],
    "trust": 2.97
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5178",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-066-01",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "96721",
        "trust": 2.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353",
        "trust": 1.1
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "7D7FEB10-463F-11E9-8E54-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "B1597A71-B107-42CA-BD83-9CAE3C1A9195",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "db": "BID",
        "id": "96721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "id": "VAR-201703-0660",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      }
    ],
    "trust": 1.85
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:13:09.560000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LFSEC00000119",
        "trust": 0.8,
        "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
      },
      {
        "title": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Default Credential Security Restricted Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/90673"
      },
      {
        "title": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67840"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/privilege-escalation-flaw-patched-in-schneider-wonderware/124217/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-1188",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-066-01"
      },
      {
        "trust": 1.8,
        "url": "http://www.securityfocus.com/bid/96721"
      },
      {
        "trust": 1.8,
        "url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5178"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5178"
      },
      {
        "trust": 0.3,
        "url": "www.controlmicrosystems.com"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/1188.html"
      },
      {
        "trust": 0.1,
        "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=52969"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/privilege-escalation-flaw-patched-in-schneider-wonderware/124217/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "db": "BID",
        "id": "96721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "db": "BID",
        "id": "96721"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-22T00:00:00",
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "date": "2017-03-22T00:00:00",
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "date": "2017-03-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "date": "2017-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "date": "2017-03-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "date": "2017-03-07T00:00:00",
        "db": "BID",
        "id": "96721"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "date": "2017-03-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "date": "2017-03-08T08:59:00.160000",
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113381"
      },
      {
        "date": "2021-06-04T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-5178"
      },
      {
        "date": "2017-03-16T01:00:00",
        "db": "BID",
        "id": "96721"
      },
      {
        "date": "2017-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-002291"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      },
      {
        "date": "2024-11-21T03:27:12.610000",
        "db": "NVD",
        "id": "CVE-2017-5178"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Default Credential Security Restriction Bypass Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03075"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-353"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-5178 (GCVE-0-2017-5178)

Vulnerability from cvelistv5

Vulnerability from certfr_avis

Solution

Vulnerability from github

Vulnerability from fkie_nvd

Vulnerability from csaf_cisa

Vulnerability from csaf_cisa

Vulnerability from gsd

Vulnerability from cnvd

Vulnerability from variot

Tags

Sightings

Nomenclature