Details of VAR-201703-1057

ID

VAR-201703-1057

CVE

CVE-2017-6183

TITLE

Sophos Web Appliance Command injection vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2017-002798 // CNNVD: CNNVD-201703-1382

DESCRIPTION

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. Vendors have confirmed this vulnerability NSWA-1314 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The product supports real-time network threat protection, custom web filtering and dynamic control applications. A remote attacker can exploit this vulnerability to inject commands. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application or hijack an arbitrary session and gain unauthorized access to the affected application

Trust: 2.43

sources: NVD: CVE-2017-6183 // JVNDB: JVNDB-2017-002798 // CNVD: CNVD-2017-05238 // BID: 97261

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-05238

AFFECTED PRODUCTS

vendor:	sophos	model:	web appliance	scope:	lt	version:	4.3.1.2	Trust: 1.4
vendor:	sophos	model:	web appliance	scope:	lte	version:	4.3.1.1	Trust: 1.0
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3.1.1	Trust: 0.6
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.2	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	2.1.18	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.3	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	4.2.1.3	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.8.0	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9.1	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	eq	version:	3.7.9	Trust: 0.3
vendor:	sophos	model:	web appliance	scope:	ne	version:	4.3.1.2	Trust: 0.3

sources: CNVD: CNVD-2017-05238 // BID: 97261 // JVNDB: JVNDB-2017-002798 // NVD: CVE-2017-6183 // CNNVD: CNNVD-201703-1382

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2017-6183
value:	HIGH
Trust: 1.8
CNVD:	CNVD-2017-05238
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201703-1382
value:	MEDIUM
Trust: 0.6

NVD:
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2017-6183
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-05238
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

NVD:
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	CVE-2017-6183
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-05238 // JVNDB: JVNDB-2017-002798 // NVD: CVE-2017-6183 // CNNVD: CNNVD-201703-1382

PROBLEMTYPE DATA

problemtype:

CWE-77

Trust: 1.8

sources: JVNDB: JVNDB-2017-002798 // NVD: CVE-2017-6183

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1382

TYPE

command injection

Trust: 0.6

sources: CNNVD: CNNVD-201703-1382

CONFIGURATIONS

sources: NVD: CVE-2017-6183

PATCH

title:	Version 4.3.1.2 Release Notes	url:	http://wsa.sophos.com/rn/swa/concepts/releasenotes_4.3.1.2.html	Trust: 0.8
title:	Release of SWA v4.3.1.2	url:	https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Trust: 0.8
title:	Patch for SophosWebAppliance Remote Command Injection Vulnerability (CNVD-2017-05238)	url:	https://www.cnvd.org.cn/patchinfo/show/92640	Trust: 0.6
title:	Sophos Web Appliance Fixes for command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68889	Trust: 0.6

sources: CNVD: CNVD-2017-05238 // JVNDB: JVNDB-2017-002798 // CNNVD: CNNVD-201703-1382

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6183	Trust: 3.3
db:	BID	id:	97261	Trust: 1.9
db:	JVNDB	id:	JVNDB-2017-002798	Trust: 0.8
db:	CNVD	id:	CNVD-2017-05238	Trust: 0.6
db:	CNNVD	id:	CNNVD-201703-1382	Trust: 0.6

sources: CNVD: CNVD-2017-05238 // BID: 97261 // JVNDB: JVNDB-2017-002798 // NVD: CVE-2017-6183 // CNNVD: CNNVD-201703-1382

REFERENCES

url:	http://wsa.sophos.com/rn/swa/concepts/releasenotes_4.3.1.2.html	Trust: 2.5
url:	http://www.securityfocus.com/bid/97261	Trust: 1.6
url:	https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6183	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6183	Trust: 0.8
url:	http://www.splunk.com/	Trust: 0.3

sources: CNVD: CNVD-2017-05238 // BID: 97261 // JVNDB: JVNDB-2017-002798 // NVD: CVE-2017-6183 // CNNVD: CNNVD-201703-1382

CREDITS

Russell Sanford, Kapil Khot and Russell Sanford.

Trust: 0.3

sources: BID: 97261

SOURCES

db:	CNVD	id:	CNVD-2017-05238
db:	BID	id:	97261
db:	JVNDB	id:	JVNDB-2017-002798
db:	NVD	id:	CVE-2017-6183
db:	CNNVD	id:	CNNVD-201703-1382

LAST UPDATE DATE

2023-12-18T12:29:45.032000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-05238	date:	2017-04-24T00:00:00
db:	BID	id:	97261	date:	2017-04-04T00:02:00
db:	JVNDB	id:	JVNDB-2017-002798	date:	2017-04-28T00:00:00
db:	NVD	id:	CVE-2017-6183	date:	2017-04-04T15:24:53.780
db:	CNNVD	id:	CNNVD-201703-1382	date:	2017-03-31T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-05238	date:	2017-04-24T00:00:00
db:	BID	id:	97261	date:	2017-03-31T00:00:00
db:	JVNDB	id:	JVNDB-2017-002798	date:	2017-04-28T00:00:00
db:	NVD	id:	CVE-2017-6183	date:	2017-03-30T17:59:00.243
db:	CNNVD	id:	CNNVD-201703-1382	date:	2017-03-31T00:00:00