var-201503-0334
Vulnerability from variot
Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory. CIMON CmnView and UltimateAccess of CmnView.exe Contains a vulnerability that allows it to get permission due to a flaw in search path processing. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. CmnView is a WEB-based SCADA application. The CmnView application contains a DLL that fails to specify an absolute path, allowing an attacker to exploit a vulnerability to build a malicious application, placed in a specific path, allowing the application to maliciously load the DLL and execute it. Cimon CmnView is prone to a vulnerability that lets attackers execute arbitrary code. Successful exploits will allow the attackers to execute arbitrary code in the context of the user running the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cmnview",
"scope": "eq",
"trust": 2.3,
"vendor": "cimon",
"version": "2.14.0.1"
},
{
"model": "ultimateaccess",
"scope": "eq",
"trust": 2.2,
"vendor": "cimon",
"version": "3.00"
},
{
"model": "cmnview",
"scope": "lte",
"trust": 1.0,
"vendor": "cimon",
"version": "2.14.0.1"
},
{
"model": "ultimateaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "cimon",
"version": "3.01"
},
{
"model": "cmnview",
"scope": "eq",
"trust": 0.8,
"vendor": "cimon",
"version": "3.x"
},
{
"model": "ultimateaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "cimon",
"version": "3.02"
},
{
"model": "ultimateaccess",
"scope": "lte",
"trust": 0.6,
"vendor": "cimon",
"version": "\u003c=3.01"
},
{
"model": "ultimateaccess",
"scope": "eq",
"trust": 0.6,
"vendor": "cimon",
"version": "3.01"
},
{
"model": "cmnview",
"scope": "eq",
"trust": 0.3,
"vendor": "cimon",
"version": "3.0"
},
{
"model": "cmnview",
"scope": "ne",
"trust": 0.3,
"vendor": "cimon",
"version": "3.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "cmnview",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ultimateaccess",
"version": "3.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "ultimateaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "BID",
"id": "73027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cimon:cmnview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cimon:ultimate_access",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Sanchez of Wise Security",
"sources": [
{
"db": "BID",
"id": "73027"
}
],
"trust": 0.3
},
"cve": "CVE-2014-9207",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2014-9207",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CNVD-2015-01826",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-9207",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-9207",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-01826",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-326",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory. CIMON CmnView and UltimateAccess of CmnView.exe Contains a vulnerability that allows it to get permission due to a flaw in search path processing. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. CmnView is a WEB-based SCADA application. The CmnView application contains a DLL that fails to specify an absolute path, allowing an attacker to exploit a vulnerability to build a malicious application, placed in a specific path, allowing the application to maliciously load the DLL and execute it. Cimon CmnView is prone to a vulnerability that lets attackers execute arbitrary code. \nSuccessful exploits will allow the attackers to execute arbitrary code in the context of the user running the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9207"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "BID",
"id": "73027"
},
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9207",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-069-01",
"trust": 3.3
},
{
"db": "BID",
"id": "73027",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-01826",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978",
"trust": 0.8
},
{
"db": "IVD",
"id": "9CAC41E6-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "BID",
"id": "73027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"id": "VAR-201503-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
}
],
"trust": 1.4125
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
}
]
},
"last_update_date": "2024-11-23T21:55:05.094000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.cimon.com/eng/"
},
{
"title": "Cimon CmnView DLL hijacking vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56374"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-069-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9207"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9207"
},
{
"trust": 0.3,
"url": "http://www.cimon.com/eng/"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "BID",
"id": "73027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"db": "BID",
"id": "73027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T00:00:00",
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"date": "2015-03-10T00:00:00",
"db": "BID",
"id": "73027"
},
{
"date": "2015-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"date": "2015-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"date": "2015-03-14T01:59:08.220000",
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01826"
},
{
"date": "2015-03-10T00:00:00",
"db": "BID",
"id": "73027"
},
{
"date": "2015-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007978"
},
{
"date": "2015-03-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-326"
},
{
"date": "2024-11-21T02:20:24.140000",
"db": "NVD",
"id": "CVE-2014-9207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-326"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cimon CmnView DLL Hijacking vulnerability",
"sources": [
{
"db": "IVD",
"id": "9cac41e6-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-01826"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "73027"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…