var-201706-0663
Vulnerability from variot
An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. Exploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0663",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "epmp 1000 hotspot",
"scope": "eq",
"trust": 1.6,
"vendor": "cambium",
"version": null
},
{
"model": "epmp elevate",
"scope": "eq",
"trust": 1.6,
"vendor": "cambium",
"version": null
},
{
"model": "epmp 1000",
"scope": "eq",
"trust": 1.6,
"vendor": "cambium",
"version": null
},
{
"model": "epmp 2000",
"scope": "eq",
"trust": 1.6,
"vendor": "cambium",
"version": null
},
{
"model": "epmp 1000 hotspot",
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": "epmp 1000",
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": "epmp 2000",
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": "epmp elevate",
"scope": null,
"trust": 0.8,
"vendor": "cambium",
"version": null
},
{
"model": "networks epmp",
"scope": "eq",
"trust": 0.6,
"vendor": "cambium",
"version": "1000"
},
{
"model": "networks epmp",
"scope": "eq",
"trust": 0.3,
"vendor": "cambium",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "epmp 1000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "epmp elevate",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "epmp 2000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "epmp 1000 hotspot",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "BID",
"id": "99083"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cambium_networks:epmp_1000_hotspot_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cambium_networks:epmp_1000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cambium_networks:epmp_2000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cambium_networks:epmp_elevate_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Karn Ganeshen",
"sources": [
{
"db": "BID",
"id": "99083"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7918",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CVE-2017-7918",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2017-14370",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "VHN-116121",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.1,
"id": "CVE-2017-7918",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7918",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-7918",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-14370",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-1052",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116121",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "VULHUB",
"id": "VHN-116121"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. \nExploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7918"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "BID",
"id": "99083"
},
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "VULHUB",
"id": "VHN-116121"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7918",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-166-01",
"trust": 2.8
},
{
"db": "BID",
"id": "99083",
"trust": 2.6
},
{
"db": "CNVD",
"id": "CNVD-2017-14370",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034",
"trust": 0.8
},
{
"db": "IVD",
"id": "8D7F7ADE-BEC5-43C4-9E06-76B64BF6626D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116121",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "VULHUB",
"id": "VHN-116121"
},
{
"db": "BID",
"id": "99083"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"id": "VAR-201706-0663",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "VULHUB",
"id": "VHN-116121"
}
],
"trust": 1.79285713
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
}
]
},
"last_update_date": "2024-11-23T22:30:46.472000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.cambiumnetworks.com/"
},
{
"title": "Cambium Networks ePMP Access Control Error Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/98071"
},
{
"title": "Cambium Networks ePMP Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100394"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.9
},
{
"problemtype": "CWE-269",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116121"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-166-01"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/99083"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7918"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7918"
},
{
"trust": 0.3,
"url": "http://www.cambiumnetworks.com/products/access/epmp-1000/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "VULHUB",
"id": "VHN-116121"
},
{
"db": "BID",
"id": "99083"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "VULHUB",
"id": "VHN-116121"
},
{
"db": "BID",
"id": "99083"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-13T00:00:00",
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"date": "2017-07-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"date": "2017-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-116121"
},
{
"date": "2017-06-14T00:00:00",
"db": "BID",
"id": "99083"
},
{
"date": "2017-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"date": "2017-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"date": "2017-06-21T19:29:00.400000",
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116121"
},
{
"date": "2017-06-14T00:00:00",
"db": "BID",
"id": "99083"
},
{
"date": "2017-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005034"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-1052"
},
{
"date": "2024-11-21T03:32:57.737000",
"db": "NVD",
"id": "CVE-2017-7918"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cambium Networks ePMP Access Control Error Vulnerability",
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNVD",
"id": "CNVD-2017-14370"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access control error",
"sources": [
{
"db": "IVD",
"id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-1052"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…