Details of VAR-201702-0686

ID

VAR-201702-0686

CVE

CVE-2017-5168

TITLE

Hanwha Techwin Smart Security Manager of ActiveMQ Broker Path traversal vulnerability in services

Trust: 0.8

sources: JVNDB: JVNDB-2017-001710

DESCRIPTION

An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions and obtain sensitive information. Other attacks are also possible

Trust: 2.61

sources: NVD: CVE-2017-5168 // JVNDB: JVNDB-2017-001710 // CNVD: CNVD-2017-01645 // BID: 96147 // IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e // CNVD: CNVD-2017-01645

AFFECTED PRODUCTS

vendor:	hanwha security	model:	smart security manager	scope:	lte	version:	1.5	Trust: 1.0
vendor:	hanwha techwin	model:	smart security manager	scope:	lte	version:	1.5	Trust: 0.8
vendor:	hanwha	model:	techwin smart security manager	scope:	lte	version:	<=1.5	Trust: 0.6
vendor:	hanwha techwin	model:	smart security manager	scope:	eq	version:	1.5	Trust: 0.6
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.5	Trust: 0.3
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.4	Trust: 0.3
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.31	Trust: 0.3
vendor:	smart security manager	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e // CNVD: CNVD-2017-01645 // BID: 96147 // JVNDB: JVNDB-2017-001710 // NVD: CVE-2017-5168 // CNNVD: CNNVD-201702-461

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-5168
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2017-01645
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201702-461
value:	HIGH
Trust: 0.6
IVD:	13e5304e-4192-41e8-9e8e-2b72b96f950e
value:	MEDIUM
Trust: 0.2

NVD:
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	TRUE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-5168
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-01645
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	13e5304e-4192-41e8-9e8e-2b72b96f950e
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

NVD:
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-5168
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e // CNVD: CNVD-2017-01645 // JVNDB: JVNDB-2017-001710 // NVD: CVE-2017-5168 // CNNVD: CNNVD-201702-461

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2017-001710 // NVD: CVE-2017-5168

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-461

TYPE

Path traversal

Trust: 0.8

sources: IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e // CNNVD: CNNVD-201702-461

CONFIGURATIONS

sources: NVD: CVE-2017-5168

PATCH

title:	SSM(Smart Security Manager)	url:	http://www.hanwha-security.com/prod/info.do?menucd=mn000185&catg1=mc000087&catg2=mc000089&catg3=&mdlcd=mc000825	Trust: 0.8
title:	Hanwha Techwin Smart Security Manager privilege escalation vulnerability patch	url:	https://www.cnvd.org.cn/patchinfo/show/89536	Trust: 0.6
title:	Hanwha Techwin Smart Security Manager ActiveMQ Broker Repair of service path traversal vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67752	Trust: 0.6

sources: CNVD: CNVD-2017-01645 // JVNDB: JVNDB-2017-001710 // CNNVD: CNNVD-201702-461

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5168	Trust: 3.5
db:	ICS CERT	id:	ICSA-17-040-01	Trust: 2.7
db:	BID	id:	96147	Trust: 1.9
db:	CNVD	id:	CNVD-2017-01645	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-461	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-001710	Trust: 0.8
db:	IVD	id:	13E5304E-4192-41E8-9E8E-2B72B96F950E	Trust: 0.2

sources: IVD: 13e5304e-4192-41e8-9e8e-2b72b96f950e // CNVD: CNVD-2017-01645 // BID: 96147 // JVNDB: JVNDB-2017-001710 // NVD: CVE-2017-5168 // CNNVD: CNNVD-201702-461

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-040-01	Trust: 2.7
url:	http://www.securityfocus.com/bid/96147	Trust: 1.6
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5168	Trust: 1.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5168	Trust: 0.8
url:	http://www.hanwha-security.com/	Trust: 0.3

sources: CNVD: CNVD-2017-01645 // BID: 96147 // JVNDB: JVNDB-2017-001710 // NVD: CVE-2017-5168 // CNNVD: CNNVD-201702-461

CREDITS

Steven Seeley of Source Incite.

Trust: 0.3

sources: BID: 96147

SOURCES

db:	IVD	id:	13e5304e-4192-41e8-9e8e-2b72b96f950e
db:	CNVD	id:	CNVD-2017-01645
db:	BID	id:	96147
db:	JVNDB	id:	JVNDB-2017-001710
db:	NVD	id:	CVE-2017-5168
db:	CNNVD	id:	CNNVD-201702-461

LAST UPDATE DATE

2023-12-18T13:53:05.439000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-01645	date:	2017-02-20T00:00:00
db:	BID	id:	96147	date:	2017-03-07T04:01:00
db:	JVNDB	id:	JVNDB-2017-001710	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-5168	date:	2021-09-13T12:04:36.983
db:	CNNVD	id:	CNNVD-201702-461	date:	2021-09-14T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	13e5304e-4192-41e8-9e8e-2b72b96f950e	date:	2017-02-20T00:00:00
db:	CNVD	id:	CNVD-2017-01645	date:	2017-02-20T00:00:00
db:	BID	id:	96147	date:	2017-02-09T00:00:00
db:	JVNDB	id:	JVNDB-2017-001710	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-5168	date:	2017-02-13T21:59:03.050
db:	CNNVD	id:	CNNVD-201702-461	date:	2017-02-15T00:00:00