Details of VAR-201709-1099

ID

VAR-201709-1099

CVE

CVE-2017-7971

TITLE

Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Vulnerabilities related to certificate validation

Trust: 0.8

sources: JVNDB: JVNDB-2017-008374

DESCRIPTION

A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the use of outdated cipher suites and improper verification of peer SSL Certificate. Schneider Electric's PowerSCADA Anywhere and Citect Anywhere Contains a certificate validation vulnerability.Information may be obtained. PowerSCADA Anywhere is SCADA and power monitoring software. Citect is an industrial automation operation and monitoring software. The program used an expired password and incorrectly verified the SSL certificate. An attacker could exploit the vulnerability to perform a man-in-the-middle attack or impersonate a trusted server. Schneider Electric PowerSCADA Anywhere and Citect Anywhere are prone to the following security vulnerabilities: 1. A cross-site request-forgery vulnerability 2. An information-disclosure vulnerability 3. Multiple security-bypass vulnerabilities Exploiting these issues could allow an attacker to obtain sensitive information, bypass certain security restrictions, perform unauthorized actions, or gain access to the affected system. Following products and versions are vulnerable: PowerSCADA Anywhere 1.0 redistributed with PowerSCADA Expert 8.1 and PowerSCADA Expert 8.2 Citect Anywhere 1.0

Trust: 2.61

sources: NVD: CVE-2017-7971 // JVNDB: JVNDB-2017-008374 // CNVD: CNVD-2017-22847 // BID: 99913 // IVD: 39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70 // CNVD: CNVD-2017-22847

AFFECTED PRODUCTS

vendor:	schneider electric	model:	powerscada anywhere	scope:	eq	version:	1.0	Trust: 2.7
vendor:	schneider electric	model:	citect anywhere	scope:	eq	version:	1.0	Trust: 2.7
vendor:	schneider	model:	electric citect anywhere	scope:	eq	version:	1.0	Trust: 0.6
vendor:	schneider	model:	electric powerscada anywhere	scope:	eq	version:	1.0	Trust: 0.6
vendor:	schneider electric	model:	powerscada expert	scope:	eq	version:	8.2	Trust: 0.3
vendor:	schneider electric	model:	powerscada expert	scope:	eq	version:	8.1	Trust: 0.3
vendor:	powerscada anywhere	model:	-	scope:	eq	version:	1.0	Trust: 0.2
vendor:	citect anywhere	model:	-	scope:	eq	version:	1.0	Trust: 0.2

sources: IVD: 39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70 // CNVD: CNVD-2017-22847 // BID: 99913 // JVNDB: JVNDB-2017-008374 // CNNVD: CNNVD-201704-897 // NVD: CVE-2017-7971

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7971
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-7971
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-22847
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201704-897
value:	MEDIUM
Trust: 0.6
IVD:	39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2017-7971
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-22847
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2017-7971
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: IVD: 39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70 // CNVD: CNVD-2017-22847 // JVNDB: JVNDB-2017-008374 // CNNVD: CNNVD-201704-897 // NVD: CVE-2017-7971

PROBLEMTYPE DATA

problemtype:

CWE-295

Trust: 1.8

sources: JVNDB: JVNDB-2017-008374 // NVD: CVE-2017-7971

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201704-897

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201704-897

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008374

PATCH

title:	SEVD-2017-173-01	url:	https://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/	Trust: 0.8
title:	Security Notification - Citect Anywhere	url:	https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere	Trust: 0.8
title:	Patch for Schneider Electric PowerSCADA Anywhere/Citect Anywhere Certificate Validation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/100826	Trust: 0.6

sources: CNVD: CNVD-2017-22847 // JVNDB: JVNDB-2017-008374

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7971	Trust: 3.5
db:	SCHNEIDER	id:	SEVD-2017-173-01	Trust: 1.9
db:	BID	id:	99913	Trust: 1.9
db:	ICS CERT	id:	ICSA-17-201-01	Trust: 0.9
db:	CNVD	id:	CNVD-2017-22847	Trust: 0.8
db:	CNNVD	id:	CNNVD-201704-897	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-008374	Trust: 0.8
db:	NSFOCUS	id:	37194	Trust: 0.6
db:	IVD	id:	39E62F7F-C73D-4E6E-B3AA-CA1A6BEE5D70	Trust: 0.2

sources: IVD: 39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70 // CNVD: CNVD-2017-22847 // BID: 99913 // JVNDB: JVNDB-2017-008374 // CNNVD: CNNVD-201704-897 // NVD: CVE-2017-7971

REFERENCES

url:	http://www.schneider-electric.com/en/download/document/sevd-2017-173-01/	Trust: 1.9
url:	http://www.securityfocus.com/bid/99913	Trust: 1.6
url:	https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7971	Trust: 1.4
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-201-01	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7971	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/37194	Trust: 0.6
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2017-22847 // BID: 99913 // JVNDB: JVNDB-2017-008374 // CNNVD: CNNVD-201704-897 // NVD: CVE-2017-7971

CREDITS

Schneider Electric

Trust: 0.3

sources: BID: 99913

SOURCES

db:	IVD	id:	39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70
db:	CNVD	id:	CNVD-2017-22847
db:	BID	id:	99913
db:	JVNDB	id:	JVNDB-2017-008374
db:	CNNVD	id:	CNNVD-201704-897
db:	NVD	id:	CVE-2017-7971

LAST UPDATE DATE

2025-04-20T23:22:11.101000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-22847	date:	2017-09-22T00:00:00
db:	BID	id:	99913	date:	2017-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-008374	date:	2017-10-17T00:00:00
db:	CNNVD	id:	CNNVD-201704-897	date:	2017-09-30T00:00:00
db:	NVD	id:	CVE-2017-7971	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	39e62f7f-c73d-4e6e-b3aa-ca1a6bee5d70	date:	2017-08-25T00:00:00
db:	CNVD	id:	CNVD-2017-22847	date:	2017-08-25T00:00:00
db:	BID	id:	99913	date:	2017-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-008374	date:	2017-10-17T00:00:00
db:	CNNVD	id:	CNNVD-201704-897	date:	2017-04-20T00:00:00
db:	NVD	id:	CVE-2017-7971	date:	2017-09-26T01:29:03.587