Details of VAR-201702-0687

ID

VAR-201702-0687

CVE

CVE-2017-5169

TITLE

Hanwha Techwin Smart Security Manager Cross-Site Request Forgery Vulnerability

Trust: 1.4

sources: IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e // CNVD: CNVD-2017-01643 // CNNVD: CNNVD-201702-460

DESCRIPTION

An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions and obtain sensitive information. Other attacks are also possible

Trust: 2.61

sources: NVD: CVE-2017-5169 // JVNDB: JVNDB-2017-001711 // CNVD: CNVD-2017-01643 // BID: 96147 // IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e // CNVD: CNVD-2017-01643

AFFECTED PRODUCTS

vendor:	hanwha security	model:	smart security manager	scope:	lte	version:	1.5	Trust: 1.0
vendor:	hanwha techwin	model:	smart security manager	scope:	lte	version:	1.5	Trust: 0.8
vendor:	hanwha	model:	techwin smart security manager	scope:	lte	version:	<=1.5	Trust: 0.6
vendor:	hanwha techwin	model:	smart security manager	scope:	eq	version:	1.5	Trust: 0.6
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.5	Trust: 0.3
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.4	Trust: 0.3
vendor:	hanwha	model:	techwin smart security manager	scope:	eq	version:	1.31	Trust: 0.3
vendor:	smart security manager	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e // CNVD: CNVD-2017-01643 // BID: 96147 // JVNDB: JVNDB-2017-001711 // NVD: CVE-2017-5169 // CNNVD: CNNVD-201702-460

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-5169
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2017-01643
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201702-460
value:	HIGH
Trust: 0.6
IVD:	bf78bcad-0c38-477a-b8ac-ff7d1ca7667e
value:	MEDIUM
Trust: 0.2

NVD:
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	4.9
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-5169
severity:	MEDIUM
baseScore:	5.1
vectorString:	AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-01643
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	bf78bcad-0c38-477a-b8ac-ff7d1ca7667e
severity:	HIGH
baseScore:	7.6
vectorString:	AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

NVD:
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-5169
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e // CNVD: CNVD-2017-01643 // JVNDB: JVNDB-2017-001711 // NVD: CVE-2017-5169 // CNNVD: CNNVD-201702-460

PROBLEMTYPE DATA

problemtype:

CWE-352

Trust: 1.8

sources: JVNDB: JVNDB-2017-001711 // NVD: CVE-2017-5169

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201702-460

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201702-460

CONFIGURATIONS

sources: NVD: CVE-2017-5169

PATCH

title:	SSM(Smart Security Manager)	url:	http://www.hanwha-security.com/prod/info.do?menucd=mn000185&catg1=mc000087&catg2=mc000089&catg3=&mdlcd=mc000825	Trust: 0.8
title:	Patch for Hanwha Techwin Smart Security Manager cross-site request forgery vulnerability	url:	https://www.cnvd.org.cn/patchinfo/show/89533	Trust: 0.6
title:	Hanwha Techwin Smart Security Manager Fixes for cross-site request forgery vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67751	Trust: 0.6

sources: CNVD: CNVD-2017-01643 // JVNDB: JVNDB-2017-001711 // CNNVD: CNNVD-201702-460

EXTERNAL IDS

db:	NVD	id:	CVE-2017-5169	Trust: 3.5
db:	ICS CERT	id:	ICSA-17-040-01	Trust: 3.3
db:	BID	id:	96147	Trust: 1.9
db:	CNVD	id:	CNVD-2017-01643	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-460	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-001711	Trust: 0.8
db:	IVD	id:	BF78BCAD-0C38-477A-B8AC-FF7D1CA7667E	Trust: 0.2

sources: IVD: bf78bcad-0c38-477a-b8ac-ff7d1ca7667e // CNVD: CNVD-2017-01643 // BID: 96147 // JVNDB: JVNDB-2017-001711 // NVD: CVE-2017-5169 // CNNVD: CNNVD-201702-460

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-040-01	Trust: 3.3
url:	http://www.securityfocus.com/bid/96147	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5169	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5169	Trust: 0.8
url:	http://www.hanwha-security.com/	Trust: 0.3

sources: CNVD: CNVD-2017-01643 // BID: 96147 // JVNDB: JVNDB-2017-001711 // NVD: CVE-2017-5169 // CNNVD: CNNVD-201702-460

CREDITS

Steven Seeley of Source Incite.

Trust: 0.3

sources: BID: 96147

SOURCES

db:	IVD	id:	bf78bcad-0c38-477a-b8ac-ff7d1ca7667e
db:	CNVD	id:	CNVD-2017-01643
db:	BID	id:	96147
db:	JVNDB	id:	JVNDB-2017-001711
db:	NVD	id:	CVE-2017-5169
db:	CNNVD	id:	CNNVD-201702-460

LAST UPDATE DATE

2023-12-18T13:53:05.473000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-01643	date:	2017-02-20T00:00:00
db:	BID	id:	96147	date:	2017-03-07T04:01:00
db:	JVNDB	id:	JVNDB-2017-001711	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-5169	date:	2021-09-13T12:04:44.103
db:	CNNVD	id:	CNNVD-201702-460	date:	2021-09-14T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	bf78bcad-0c38-477a-b8ac-ff7d1ca7667e	date:	2017-02-20T00:00:00
db:	CNVD	id:	CNVD-2017-01643	date:	2017-02-20T00:00:00
db:	BID	id:	96147	date:	2017-02-09T00:00:00
db:	JVNDB	id:	JVNDB-2017-001711	date:	2017-03-14T00:00:00
db:	NVD	id:	CVE-2017-5169	date:	2017-02-13T21:59:03.067
db:	CNNVD	id:	CNNVD-201702-460	date:	2017-02-15T00:00:00