var-201808-0129
Vulnerability from variot
An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system. Niagara The platform contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Tridium Niagara AX Framework and Niagara 4 Framework are both IoT business application frameworks from Tridium. Tridium Niagara is prone to directory-traversal vulnerability and authentication-bypass vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to bypass authentication and perform unauthorized actions on the affected application, and to obtain sensitive information that could aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0129",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "niagara",
"scope": "lte",
"trust": 1.8,
"vendor": "tridium",
"version": "4.4"
},
{
"model": "niagara ax framework",
"scope": "lte",
"trust": 1.8,
"vendor": "tridium",
"version": "3.8"
},
{
"model": "niagara ax framework",
"scope": "eq",
"trust": 0.9,
"vendor": "tridium",
"version": "3.8"
},
{
"model": "niagara ax framework",
"scope": "lte",
"trust": 0.6,
"vendor": "tridium",
"version": "\u003c=3.8"
},
{
"model": "niagara framework",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "4\u003c=4.4"
},
{
"model": "niagara",
"scope": "eq",
"trust": 0.6,
"vendor": "tridium",
"version": "4.4"
},
{
"model": "framework",
"scope": "eq",
"trust": 0.3,
"vendor": "tridium",
"version": "44.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "niagara",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "niagara ax framework",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "BID",
"id": "105101"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:tridium:niagara",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:tridium:niagra_ax_framework",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johnathan Gains and Leet Cyber Security.",
"sources": [
{
"db": "BID",
"id": "105101"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
}
],
"trust": 0.9
},
"cve": "CVE-2017-16748",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-16748",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "CNVD-2018-15732",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 1.9,
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-16748",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-16748",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-16748",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-15732",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-569",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-16748",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior or Niagara 4 Framework Versions 4.4 and prior) using a disabled account name and a blank password, granting the attacker administrator access to the Niagara system. Niagara The platform contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Tridium Niagara AX Framework and Niagara 4 Framework are both IoT business application frameworks from Tridium. Tridium Niagara is prone to directory-traversal vulnerability and authentication-bypass vulnerability because the application fails to sufficiently sanitize user-supplied input. \nExploiting these issues may allow an attacker to bypass authentication and perform unauthorized actions on the affected application, and to obtain sensitive information that could aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16748"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "BID",
"id": "105101"
},
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-16748",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-191-03",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-19-022-01",
"trust": 2.8
},
{
"db": "BID",
"id": "105101",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2018-15732",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2F81210-39AB-11E9-AD51-000C29342CB1",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-16748",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"db": "BID",
"id": "105101"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"id": "VAR-201808-0129",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
}
],
"trust": 1.52385621
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
}
]
},
"last_update_date": "2024-11-23T22:06:39.490000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.tridium.com/"
},
{
"title": "Patch for Tridium Niagara AX Framework and Niagara 4 Framework Authentication Bypass Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/138005"
},
{
"title": "Tridium Niagara AX Framework and Niagara 4 Framework Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84155"
},
{
"title": "CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara",
"trust": 0.1,
"url": "https://github.com/GainSec/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-labs/awesome-security "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-191-03"
},
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-022-01"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/105101"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16748"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16748"
},
{
"trust": 0.3,
"url": "https://www.tridium.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/gainsec/cve-2017-16744-and-cve-2017-16748-tridium-niagara"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"db": "BID",
"id": "105101"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"db": "BID",
"id": "105101"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-21T00:00:00",
"db": "IVD",
"id": "e2f81210-39ab-11e9-ad51-000c29342cb1"
},
{
"date": "2018-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"date": "2018-08-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"date": "2018-08-16T00:00:00",
"db": "BID",
"id": "105101"
},
{
"date": "2018-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"date": "2018-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"date": "2018-08-20T21:29:00.807000",
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-15732"
},
{
"date": "2019-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2017-16748"
},
{
"date": "2019-01-23T07:00:00",
"db": "BID",
"id": "105101"
},
{
"date": "2019-01-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009181"
},
{
"date": "2019-04-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-569"
},
{
"date": "2024-11-21T03:16:53.670000",
"db": "NVD",
"id": "CVE-2017-16748"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Niagara Authentication vulnerabilities in the platform",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009181"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-569"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…