Details of VAR-201702-0293

ID

VAR-201702-0293

CVE

CVE-2016-8341

TITLE

Ecava IntegraXor of Web On the server SQL Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-007828

DESCRIPTION

An issue was discovered in Ecava IntegraXor Version 5.0.413.0. The Ecava IntegraXor web server has parameters that are vulnerable to SQL injection. If the queries are not sanitized, the host's database could be subject to read, write, and delete commands. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of the name parameter in getdata requests. The issue lies in the failure to properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Ecava IntegraXor is a web-based tool for creating and running HMI interfaces for SCADA systems. An attacker could exploit the vulnerability to compromise an affected application, access or modify data, or exploit a potential vulnerability in the underlying database. IntegraXor version 5.0.413.0 is vulnerable

Trust: 3.87

sources: NVD: CVE-2016-8341 // JVNDB: JVNDB-2016-007828 // ZDI: ZDI-17-059 // ZDI: ZDI-17-058 // CNVD: CNVD-2017-01510 // BID: 95907 // IVD: b6a8eec8-6fcf-4e17-ab05-5bee56343e5a

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: b6a8eec8-6fcf-4e17-ab05-5bee56343e5a // CNVD: CNVD-2017-01510

AFFECTED PRODUCTS

vendor:	ecava	model:	integraxor	scope:	eq	version:	5.0.413.0	Trust: 3.3
vendor:	ecava	model:	integraxor	scope:	-	version:	-	Trust: 1.4
vendor:	ecava	model:	integraxor	scope:	ne	version:	5.2.722.2	Trust: 0.3
vendor:	integraxor	model:	-	scope:	eq	version:	5.0.413.0	Trust: 0.2

sources: IVD: b6a8eec8-6fcf-4e17-ab05-5bee56343e5a // ZDI: ZDI-17-059 // ZDI: ZDI-17-058 // CNVD: CNVD-2017-01510 // BID: 95907 // JVNDB: JVNDB-2016-007828 // CNNVD: CNNVD-201702-256 // NVD: CVE-2016-8341

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2016-8341
value:	HIGH
Trust: 1.4
nvd@nist.gov:	CVE-2016-8341
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-8341
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-01510
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201702-256
value:	HIGH
Trust: 0.6
IVD:	b6a8eec8-6fcf-4e17-ab05-5bee56343e5a
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2016-8341
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 3.2
CNVD:	CNVD-2017-01510
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	b6a8eec8-6fcf-4e17-ab05-5bee56343e5a
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2016-8341
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: b6a8eec8-6fcf-4e17-ab05-5bee56343e5a // ZDI: ZDI-17-059 // ZDI: ZDI-17-058 // CNVD: CNVD-2017-01510 // JVNDB: JVNDB-2016-007828 // CNNVD: CNNVD-201702-256 // NVD: CVE-2016-8341

PROBLEMTYPE DATA

problemtype:

CWE-89

Trust: 1.8

sources: JVNDB: JVNDB-2016-007828 // NVD: CVE-2016-8341

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-256

TYPE

SQL injection

Trust: 0.8

sources: IVD: b6a8eec8-6fcf-4e17-ab05-5bee56343e5a // CNNVD: CNNVD-201702-256

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007828

PATCH

title:	Ecava has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-17-031-02	Trust: 1.4
title:	Ecava IGX SCADA	url:	https://www.integraxor.com/download-scada/	Trust: 0.8
title:	Ecava IntegraXor has multiple patches for SQL injection vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/89438	Trust: 0.6
title:	Ecava IntegraXor SQL Repair measures for injecting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=67544	Trust: 0.6

sources: ZDI: ZDI-17-059 // ZDI: ZDI-17-058 // CNVD: CNVD-2017-01510 // JVNDB: JVNDB-2016-007828 // CNNVD: CNNVD-201702-256

EXTERNAL IDS

db:	NVD	id:	CVE-2016-8341	Trust: 4.9
db:	ICS CERT	id:	ICSA-17-031-02	Trust: 2.7
db:	BID	id:	95907	Trust: 2.5
db:	CNVD	id:	CNVD-2017-01510	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-256	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-007828	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3824	Trust: 0.7
db:	ZDI	id:	ZDI-17-059	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-3849	Trust: 0.7
db:	ZDI	id:	ZDI-17-058	Trust: 0.7
db:	IVD	id:	B6A8EEC8-6FCF-4E17-AB05-5BEE56343E5A	Trust: 0.2

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-031-02	Trust: 4.1
url:	http://www.securityfocus.com/bid/95907	Trust: 2.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8341	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8341	Trust: 0.8
url:	http://ecava.com/	Trust: 0.3

sources: ZDI: ZDI-17-059 // ZDI: ZDI-17-058 // CNVD: CNVD-2017-01510 // BID: 95907 // JVNDB: JVNDB-2016-007828 // CNNVD: CNNVD-201702-256 // NVD: CVE-2016-8341

CREDITS

Brian Gorenc and Juan Pablo Lopez

Trust: 0.9

sources: BID: 95907 // CNNVD: CNNVD-201702-256

SOURCES

db:	IVD	id:	b6a8eec8-6fcf-4e17-ab05-5bee56343e5a
db:	ZDI	id:	ZDI-17-059
db:	ZDI	id:	ZDI-17-058
db:	CNVD	id:	CNVD-2017-01510
db:	BID	id:	95907
db:	JVNDB	id:	JVNDB-2016-007828
db:	CNNVD	id:	CNNVD-201702-256
db:	NVD	id:	CVE-2016-8341

LAST UPDATE DATE

2025-04-20T23:13:18.983000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-059	date:	2017-02-07T00:00:00
db:	ZDI	id:	ZDI-17-058	date:	2017-02-07T00:00:00
db:	CNVD	id:	CNVD-2017-01510	date:	2017-02-17T00:00:00
db:	BID	id:	95907	date:	2017-02-02T00:08:00
db:	JVNDB	id:	JVNDB-2016-007828	date:	2017-03-23T00:00:00
db:	CNNVD	id:	CNNVD-201702-256	date:	2017-02-09T00:00:00
db:	NVD	id:	CVE-2016-8341	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	b6a8eec8-6fcf-4e17-ab05-5bee56343e5a	date:	2017-02-17T00:00:00
db:	ZDI	id:	ZDI-17-059	date:	2017-02-07T00:00:00
db:	ZDI	id:	ZDI-17-058	date:	2017-02-07T00:00:00
db:	CNVD	id:	CNVD-2017-01510	date:	2017-02-17T00:00:00
db:	BID	id:	95907	date:	2017-01-31T00:00:00
db:	JVNDB	id:	JVNDB-2016-007828	date:	2017-03-23T00:00:00
db:	CNNVD	id:	CNNVD-201702-256	date:	2017-01-31T00:00:00
db:	NVD	id:	CVE-2016-8341	date:	2017-02-13T21:59:00.597