Details of VAR-201710-0791

ID

VAR-201710-0791

CVE

CVE-2017-13994

TITLE

LOYTEC LVIS-3ME Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2017-008625

DESCRIPTION

A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link. LOYTEC LVIS-3ME is prone to the following security vulnerabilities: : 1. A directory-traversal vulnerability 2. An insufficient-entropy vulnerability 3. An information-disclosure vulnerability An attacker may leverage these issues to execute script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, execute arbitrary code within the context of the affected system or use specially crafted requests with directory-traversal sequences ('../') to read arbitrary files in the context of the application. LOYTEC LVIS-3ME is an HMI touch panel produced by LOYTEC in Germany. The vulnerability stems from the fact that the program does not fully authenticate Web requests

Trust: 2.07

sources: NVD: CVE-2017-13994 // JVNDB: JVNDB-2017-008625 // BID: 100847 // VULHUB: VHN-104672 // VULMON: CVE-2017-13994

AFFECTED PRODUCTS

vendor:	loytec	model:	lvis-3me	scope:	lte	version:	6.1.1	Trust: 1.0
vendor:	loytec	model:	lvis-3me	scope:	lt	version:	6.2.0	Trust: 0.8
vendor:	loytec	model:	lvis-3me	scope:	eq	version:	6.1.1	Trust: 0.6
vendor:	loytec	model:	lvis-3me	scope:	eq	version:	0	Trust: 0.3
vendor:	loytec	model:	lvis-3me	scope:	ne	version:	6.2	Trust: 0.3

sources: BID: 100847 // JVNDB: JVNDB-2017-008625 // CNNVD: CNNVD-201709-870 // NVD: CVE-2017-13994

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-13994
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-13994
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201709-870
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-104672
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2017-13994
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-13994
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-104672
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-13994
baseSeverity:	MEDIUM
baseScore:	6.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-104672 // VULMON: CVE-2017-13994 // JVNDB: JVNDB-2017-008625 // CNNVD: CNNVD-201709-870 // NVD: CVE-2017-13994

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-104672 // JVNDB: JVNDB-2017-008625 // NVD: CVE-2017-13994

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-870

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201709-870

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-008625

PATCH

title:	トップページ	url:	https://www.loytec.com/jp/	Trust: 0.8
title:	LOYTEC LVIS-3ME Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74975	Trust: 0.6

sources: JVNDB: JVNDB-2017-008625 // CNNVD: CNNVD-201709-870

EXTERNAL IDS

db:	NVD	id:	CVE-2017-13994	Trust: 2.9
db:	ICS CERT	id:	ICSA-17-257-01	Trust: 2.9
db:	BID	id:	100847	Trust: 2.1
db:	JVNDB	id:	JVNDB-2017-008625	Trust: 0.8
db:	CNNVD	id:	CNNVD-201709-870	Trust: 0.7
db:	VULHUB	id:	VHN-104672	Trust: 0.1
db:	VULMON	id:	CVE-2017-13994	Trust: 0.1

sources: VULHUB: VHN-104672 // VULMON: CVE-2017-13994 // BID: 100847 // JVNDB: JVNDB-2017-008625 // CNNVD: CNNVD-201709-870 // NVD: CVE-2017-13994

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-257-01	Trust: 2.9
url:	http://www.securityfocus.com/bid/100847	Trust: 1.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13994	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13994	Trust: 0.8
url:	https://www.loytec.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/79.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-104672 // VULMON: CVE-2017-13994 // BID: 100847 // JVNDB: JVNDB-2017-008625 // CNNVD: CNNVD-201709-870 // NVD: CVE-2017-13994

CREDITS

Davy Douhine of RandoriSec

Trust: 0.9

sources: BID: 100847 // CNNVD: CNNVD-201709-870

SOURCES

db:	VULHUB	id:	VHN-104672
db:	VULMON	id:	CVE-2017-13994
db:	BID	id:	100847
db:	JVNDB	id:	JVNDB-2017-008625
db:	CNNVD	id:	CNNVD-201709-870
db:	NVD	id:	CVE-2017-13994

LAST UPDATE DATE

2025-04-20T23:22:10.059000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-104672	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2017-13994	date:	2019-10-09T00:00:00
db:	BID	id:	100847	date:	2017-09-14T00:00:00
db:	JVNDB	id:	JVNDB-2017-008625	date:	2017-10-25T00:00:00
db:	CNNVD	id:	CNNVD-201709-870	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-13994	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-104672	date:	2017-10-05T00:00:00
db:	VULMON	id:	CVE-2017-13994	date:	2017-10-05T00:00:00
db:	BID	id:	100847	date:	2017-09-14T00:00:00
db:	JVNDB	id:	JVNDB-2017-008625	date:	2017-10-25T00:00:00
db:	CNNVD	id:	CNNVD-201709-870	date:	2017-09-21T00:00:00
db:	NVD	id:	CVE-2017-13994	date:	2017-10-05T21:29:00.303