Details of VAR-201702-0852

ID

VAR-201702-0852

CVE

CVE-2016-9349

TITLE

Advantech SUSIAccess Server Information Disclosure Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-11831 // CNNVD: CNNVD-201612-011

DESCRIPTION

An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of downloadCSV.jsp. When parsing the file element, the process fails to properly validate a user-supplied path prior to using it in file operations. SUSIAccess is an easy-to-use remote device management software solution. Advantech SUISAccess Server is a set of Advantech's Platform as a Service (PaaS) products for cloud and Internet of Things (IoT) devices

Trust: 3.78

sources: NVD: CVE-2016-9349 // JVNDB: JVNDB-2016-007630 // ZDI: ZDI-16-628 // CNVD: CNVD-2016-11831 // CNNVD: CNNVD-201612-011 // BID: 94629 // VULHUB: VHN-98169 // VULMON: CVE-2016-9349

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-11831

AFFECTED PRODUCTS

vendor:	advantech	model:	susiaccess	scope:	lte	version:	3.0	Trust: 1.0
vendor:	advantech	model:	susiaccess	scope:	lte	version:	server 3.0	Trust: 0.8
vendor:	advantech	model:	susiaccess server	scope:	-	version:	-	Trust: 0.7
vendor:	advantech	model:	suisaccess server	scope:	lte	version:	<=3.0	Trust: 0.6
vendor:	advantech	model:	susiaccess	scope:	eq	version:	3.0	Trust: 0.6
vendor:	advantech	model:	suisaccess server	scope:	eq	version:	3.0	Trust: 0.3

sources: ZDI: ZDI-16-628 // CNVD: CNVD-2016-11831 // BID: 94629 // JVNDB: JVNDB-2016-007630 // CNNVD: CNNVD-201612-011 // NVD: CVE-2016-9349

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-9349
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-9349
value:	HIGH
Trust: 0.8
ZDI:	CVE-2016-9349
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2016-11831
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201612-011
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-98169
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-9349
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-9349
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
ZDI:	CVE-2016-9349
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2016-11831
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-98169
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-9349
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-16-628 // CNVD: CNVD-2016-11831 // VULHUB: VHN-98169 // VULMON: CVE-2016-9349 // JVNDB: JVNDB-2016-007630 // CNNVD: CNNVD-201612-011 // NVD: CVE-2016-9349

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-98169 // JVNDB: JVNDB-2016-007630 // NVD: CVE-2016-9349

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-011

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201612-011

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-007630

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-98169 // VULMON: CVE-2016-9349

PATCH

title:	SUSIAccess	url:	http://www2.advantech.com/industrialCloud/about_what.aspx	Trust: 0.8
title:	Advantech has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04	Trust: 0.7
title:	Patch for Advantech SUSIAccess Server Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/84926	Trust: 0.6
title:	-	url:	https://github.com/ghsec/CVE-PoC-Finder	Trust: 0.1

sources: ZDI: ZDI-16-628 // CNVD: CNVD-2016-11831 // VULMON: CVE-2016-9349 // JVNDB: JVNDB-2016-007630

EXTERNAL IDS

db:	NVD	id:	CVE-2016-9349	Trust: 4.2
db:	ICS CERT	id:	ICSA-16-336-04	Trust: 3.5
db:	BID	id:	94629	Trust: 2.7
db:	EXPLOIT-DB	id:	42401	Trust: 1.2
db:	EXPLOIT-DB	id:	42402	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-007630	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3831	Trust: 0.7
db:	ZDI	id:	ZDI-16-628	Trust: 0.7
db:	CNNVD	id:	CNNVD-201612-011	Trust: 0.7
db:	CNVD	id:	CNVD-2016-11831	Trust: 0.6
db:	PACKETSTORM	id:	143620	Trust: 0.1
db:	PACKETSTORM	id:	143622	Trust: 0.1
db:	VULHUB	id:	VHN-98169	Trust: 0.1
db:	VULMON	id:	CVE-2016-9349	Trust: 0.1

sources: ZDI: ZDI-16-628 // CNVD: CNVD-2016-11831 // VULHUB: VHN-98169 // VULMON: CVE-2016-9349 // BID: 94629 // JVNDB: JVNDB-2016-007630 // CNNVD: CNNVD-201612-011 // NVD: CVE-2016-9349

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-16-336-04	Trust: 4.3
url:	http://www.securityfocus.com/bid/94629	Trust: 1.8
url:	https://www.exploit-db.com/exploits/42401/	Trust: 1.3
url:	https://www.exploit-db.com/exploits/42402/	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9349	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9349	Trust: 0.8
url:	http://webaccess.advantech.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://github.com/ghsec/cve-poc-finder	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

CREDITS

rgod working with Zero Day Initiative (ZDI).

Trust: 0.9

sources: BID: 94629 // CNNVD: CNNVD-201612-011

SOURCES

db:	ZDI	id:	ZDI-16-628
db:	CNVD	id:	CNVD-2016-11831
db:	VULHUB	id:	VHN-98169
db:	VULMON	id:	CVE-2016-9349
db:	BID	id:	94629
db:	JVNDB	id:	JVNDB-2016-007630
db:	CNNVD	id:	CNNVD-201612-011
db:	NVD	id:	CVE-2016-9349

LAST UPDATE DATE

2025-04-20T23:34:28.889000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-16-628	date:	2016-12-13T00:00:00
db:	CNVD	id:	CNVD-2016-11831	date:	2016-12-05T00:00:00
db:	VULHUB	id:	VHN-98169	date:	2017-08-12T00:00:00
db:	VULMON	id:	CVE-2016-9349	date:	2017-08-12T00:00:00
db:	BID	id:	94629	date:	2016-12-20T02:04:00
db:	JVNDB	id:	JVNDB-2016-007630	date:	2017-03-08T00:00:00
db:	CNNVD	id:	CNNVD-201612-011	date:	2016-12-02T00:00:00
db:	NVD	id:	CVE-2016-9349	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-16-628	date:	2016-12-13T00:00:00
db:	CNVD	id:	CNVD-2016-11831	date:	2016-12-03T00:00:00
db:	VULHUB	id:	VHN-98169	date:	2017-02-13T00:00:00
db:	VULMON	id:	CVE-2016-9349	date:	2017-02-13T00:00:00
db:	BID	id:	94629	date:	2016-12-01T00:00:00
db:	JVNDB	id:	JVNDB-2016-007630	date:	2017-03-08T00:00:00
db:	CNNVD	id:	CNNVD-201612-011	date:	2016-12-02T00:00:00
db:	NVD	id:	CVE-2016-9349	date:	2017-02-13T21:59:01.877