var-201708-1399
Vulnerability from variot
An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local attacker to change files in the installation directory and execute arbitrary code with elevated privileges. ALC WebCTRL , i-Vu ,and SiteScan Web Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ALC WebCTRL is a building automation platform. Multiple Automated Logic Corporation (ALC) Products are prone to local privilege-escalation vulnerability. WebCTRL®, Automated Logic's web-based building automationsystem, is known for its intuitive user interface and powerful integrationcapabilities. It allows building operators to optimize and manageall of their building systems - including HVAC, lighting, fire, elevators,and security - all within a single HVAC controls platform. It's everythingthey need to keep occupants comfortable, manage energy conservation measures,identify key operational problems, and validate the results.WebCTRL suffers from an authenticated arbitrary code execution vulnerability. The issue is caused due to the improper verification when uploading Add-on (.addons or .war) files using the uploadwarfile servlet. This can be exploited to execute arbitrary code by uploading a malicious web archive file that will run automatically and can be accessed from within the webroot directory. Additionaly, an improper authorization access control occurs when using the 'anonymous' user. By specification, the anonymous user should not have permissions or authorization to upload or install add-ons. In this case, when using the anonymous user, an attacker is still able to upload a malicious file via insecure direct object reference and execute arbitrary code. The anonymous user was removed from version 6.5 of WebCTRL.Tested on: Microsoft Windows 7 Professional (6.1.7601 Service Pack 1 Build 7601)Apache-Coyote/1.1Apache Tomcat/7.0.42CJServer/1.1Java/1.7.0_25-b17Java HotSpot Server VM 23.25-b01Ant 1.7.0Axis 1.4Trove 2.0.2Xalan Java 2.4.1Xerces-J 2.6.1. The vulnerability exist due to the improper permissions,with the 'M' flag (Modify) or 'C' flag (Change) for 'Authenticated Users' group.The application suffers from an unquoted search path issue as well impacting the service'WebCTRL Service' for Windows deployed as part of WebCTRL server solution. A successful attempt would require thelocal user to be able to insert their code in the system root path undetected by theOS or other security applications where it could potentially be executed duringapplication startup or reboot
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1399",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": "eq",
"trust": 1.0,
"vendor": "webctrl",
"version": "*"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "5.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.1"
},
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "5.2"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "6.0"
},
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "5.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "5.2"
},
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "6.1"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "5.5"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "i vu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "sitescan web",
"version": "*"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.6,
"vendor": "ibm automated logic",
"version": "\u003c=6.5"
},
{
"model": "alc webctrl i-vu",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.0"
},
{
"model": "alc webctrl sitescan web",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.1"
},
{
"model": "sitescan web i-vu alc webctrl",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.5"
},
{
"model": "sitescan web i-vu alc webctrl",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=5.5"
},
{
"model": "sitescan web i-vu alc webctrl",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=5.2"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.0"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.1"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.2"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "5.5"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.3,
"vendor": "automated logic",
"version": " sitescan web 6.1 and prior"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.3,
"vendor": "automated logic",
"version": " i-vu 6.0 and prior"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.3,
"vendor": "automated logic",
"version": " sitescan web 5.5 and prior"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.3,
"vendor": "automated logic",
"version": " sitescan web 5.2 and prior"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1 and 6.0"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.2,
"vendor": "automated logic",
"version": " sitescan web 6.5 and prior"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "BID",
"id": "100454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:automatedlogic:i-vu",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:automatedlogic:sitescan_web",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:automatedlogic:webctrl",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9644",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2017-9644",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-22828",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"id": "CVE-2017-9644",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9644",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-9644",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-22828",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-859",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "ZSL",
"id": "ZSL-2017-5431",
"trust": 0.1,
"value": "(4/5)"
},
{
"author": "ZSL",
"id": "ZSL-2017-5430",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "ZSL",
"id": "ZSL-2017-5429",
"trust": 0.1,
"value": "(3/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local attacker to change files in the installation directory and execute arbitrary code with elevated privileges. ALC WebCTRL , i-Vu ,and SiteScan Web Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ALC WebCTRL is a building automation platform. Multiple Automated Logic Corporation (ALC) Products are prone to local privilege-escalation vulnerability. WebCTRL\u00ae, Automated Logic\u0027s web-based building automationsystem, is known for its intuitive user interface and powerful integrationcapabilities. It allows building operators to optimize and manageall of their building systems - including HVAC, lighting, fire, elevators,and security - all within a single HVAC controls platform. It\u0027s everythingthey need to keep occupants comfortable, manage energy conservation measures,identify key operational problems, and validate the results.WebCTRL suffers from an authenticated arbitrary code execution vulnerability. The issue is caused due to the improper verification when uploading Add-on (.addons or .war) files using the uploadwarfile servlet. This can be exploited to execute arbitrary code by uploading a malicious web archive file that will run automatically and can be accessed from within the webroot directory. Additionaly, an improper authorization access control occurs when using the \u0027anonymous\u0027 user. By specification, the anonymous user should not have permissions or authorization to upload or install add-ons. In this case, when using the anonymous user, an attacker is still able to upload a malicious file via insecure direct object reference and execute arbitrary code. The anonymous user was removed from version 6.5 of WebCTRL.Tested on: Microsoft Windows 7 Professional (6.1.7601 Service Pack 1 Build 7601)Apache-Coyote/1.1Apache Tomcat/7.0.42CJServer/1.1Java/1.7.0_25-b17Java HotSpot Server VM 23.25-b01Ant 1.7.0Axis 1.4Trove 2.0.2Xalan Java 2.4.1Xerces-J 2.6.1. The vulnerability exist due to the improper permissions,with the \u0027M\u0027 flag (Modify) or \u0027C\u0027 flag (Change) for \u0027Authenticated Users\u0027 group.The application suffers from an unquoted search path issue as well impacting the service\u0027WebCTRL Service\u0027 for Windows deployed as part of WebCTRL server solution. A successful attempt would require thelocal user to be able to insert their code in the system root path undetected by theOS or other security applications where it could potentially be executed duringapplication startup or reboot",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9644"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "BID",
"id": "100454"
},
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "http://www.automatedlogic.com/pages/security.aspx",
"trust": 0.3,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9644",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-234-01",
"trust": 3.0
},
{
"db": "BID",
"id": "100454",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "42542",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2017-22828",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644",
"trust": 0.8
},
{
"db": "BID",
"id": "100452",
"trust": 0.2
},
{
"db": "IVD",
"id": "963DE9F9-6E8A-4C63-8060-67B7CA4DE5CE",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "143897",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "42544",
"trust": 0.1
},
{
"db": "NVD",
"id": "CVE-2017-9650",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2017080166",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2017-5431",
"trust": 0.1
},
{
"db": "AUSCERT",
"id": "ESB-2017.2113",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "42543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143896",
"trust": 0.1
},
{
"db": "NVD",
"id": "CVE-2017-9640",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2017080165",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2017-5430",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2017080167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143895",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2017-5429",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "BID",
"id": "100454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"id": "VAR-201708-1399",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
}
]
},
"last_update_date": "2024-11-23T22:00:54.787000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Best Practices Checklists for Building Automation Systems (BAS)",
"trust": 0.8,
"url": "http://www.automatedlogic.com/Pages/Security.aspx"
},
{
"title": "ALC WebCTRL i-Vu/SiteScan Web does not reference patches for search path vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100837"
},
{
"title": "ALC WebCTRL , i-Vu and SiteScan Web Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99869"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-234-01"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/42542/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100454"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9644"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9644"
},
{
"trust": 0.6,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9644"
},
{
"trust": 0.3,
"url": "http://www.automatedlogic.com/pages/security_commitment.aspx"
},
{
"trust": 0.3,
"url": "http://www.automatedlogic.com/specsheets/security_best_practices_checklists_for_building_automation_systems_(bas)pdf.pdf"
},
{
"trust": 0.3,
"url": "http://www.securityweek.com/automated-logic-patches-flaws-building-automation-system"
},
{
"trust": 0.3,
"url": "http://www.automatedlogic.com"
},
{
"trust": 0.2,
"url": "http://www.securityfocus.com/bid/100452"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9650"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9650"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/42544/"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/143897"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2017080166"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130767"
},
{
"trust": 0.1,
"url": "http://www.vfocus.net/art/20170824/13802.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9640"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9640"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/42543/"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2017080165"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/143896"
},
{
"trust": 0.1,
"url": "https://www.auscert.org.au/bulletins/51482"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130766"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/143895"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2017080167"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130760"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "BID",
"id": "100454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"db": "BID",
"id": "100454"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-22T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"date": "2017-08-22T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"date": "2017-08-22T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"date": "2017-08-25T00:00:00",
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"date": "2017-08-23T00:00:00",
"db": "BID",
"id": "100454"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"date": "2017-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"date": "2017-08-25T19:29:00.457000",
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-28T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5431"
},
{
"date": "2017-08-25T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5430"
},
{
"date": "2017-08-25T00:00:00",
"db": "ZSL",
"id": "ZSL-2017-5429"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22828"
},
{
"date": "2017-08-23T00:00:00",
"db": "BID",
"id": "100454"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007644"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-859"
},
{
"date": "2024-11-21T03:36:34.513000",
"db": "NVD",
"id": "CVE-2017-9644"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "100454"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ALC WebCTRL i-Vu/SiteScan Web Unreferenced Search Path Vulnerability",
"sources": [
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNVD",
"id": "CNVD-2017-22828"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "963de9f9-6e8a-4c63-8060-67b7ca4de5ce"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-859"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…