Details of VAR-201710-1114

ID

VAR-201710-1114

CVE

CVE-2017-12819

TITLE

plural Gemalto Product Sentinel LDK RTE Vulnerabilities related to security functions in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2017-009451

DESCRIPTION

Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55. Both Gemalto HASP SRM and Sentinel HASP are dongle drivers from Gemalto. Sentinel LDK is a license management tool. Attackers can exploit this vulnerability to implement NTLM relay attacks

Trust: 1.8

sources: NVD: CVE-2017-12819 // JVNDB: JVNDB-2017-009451 // VULHUB: VHN-103379 // VULMON: CVE-2017-12819

AFFECTED PRODUCTS

vendor:	sentinel	model:	ldk rte	scope:	lte	version:	7.50	Trust: 1.0
vendor:	gemalto n v	model:	sentinel ldk rte	scope:	lt	version:	7.55	Trust: 0.8
vendor:	sentinel	model:	ldk rte	scope:	eq	version:	7.50	Trust: 0.6

sources: JVNDB: JVNDB-2017-009451 // CNNVD: CNNVD-201710-422 // NVD: CVE-2017-12819

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12819
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-12819
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201710-422
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-103379
value:	HIGH
Trust: 0.1
VULMON:	CVE-2017-12819
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-12819
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-103379
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12819
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-103379 // VULMON: CVE-2017-12819 // JVNDB: JVNDB-2017-009451 // CNNVD: CNNVD-201710-422 // NVD: CVE-2017-12819

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.1
problemtype:	CWE-254	Trust: 0.9

sources: VULHUB: VHN-103379 // JVNDB: JVNDB-2017-009451 // NVD: CVE-2017-12819

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201710-422

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201710-422

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009451

PATCH

title:	Top Page	url:	https://sentinelcustomer.gemalto.com/	Trust: 0.8
title:	Gemalto HASP SRM , Sentinel HASP and Sentinel LDK Sentinel LDK Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=75624	Trust: 0.6

sources: JVNDB: JVNDB-2017-009451 // CNNVD: CNNVD-201710-422

EXTERNAL IDS

db:	ICS CERT	id:	ICSA-18-093-01	Trust: 2.6
db:	NVD	id:	CVE-2017-12819	Trust: 2.6
db:	SIEMENS	id:	SSA-727467	Trust: 1.8
db:	ICS CERT	id:	ICSA-18-018-01	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-009451	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-422	Trust: 0.7
db:	VULHUB	id:	VHN-103379	Trust: 0.1
db:	VULMON	id:	CVE-2017-12819	Trust: 0.1

sources: VULHUB: VHN-103379 // VULMON: CVE-2017-12819 // JVNDB: JVNDB-2017-009451 // CNNVD: CNNVD-201710-422 // NVD: CVE-2017-12819

REFERENCES

url:	https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-005-sentinel-ldk-rte-remote-manipulations-with-language-pack-updater-lead-to-ntlm-relay-attack-for-system-user/	Trust: 2.6
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-093-01	Trust: 1.9
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12819	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-018-01	Trust: 0.8
url:	https://www.us-cert.gov/ics/advisories/icsa-18-093-01	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12819	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-103379 // VULMON: CVE-2017-12819 // JVNDB: JVNDB-2017-009451 // CNNVD: CNNVD-201710-422 // NVD: CVE-2017-12819

SOURCES

db:	VULHUB	id:	VHN-103379
db:	VULMON	id:	CVE-2017-12819
db:	JVNDB	id:	JVNDB-2017-009451
db:	CNNVD	id:	CNNVD-201710-422
db:	NVD	id:	CVE-2017-12819

LAST UPDATE DATE

2025-04-20T23:12:50.609000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-103379	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2017-12819	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-009451	date:	2019-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201710-422	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-12819	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-103379	date:	2017-10-04T00:00:00
db:	VULMON	id:	CVE-2017-12819	date:	2017-10-04T00:00:00
db:	JVNDB	id:	JVNDB-2017-009451	date:	2017-11-13T00:00:00
db:	CNNVD	id:	CNNVD-201710-422	date:	2017-10-30T00:00:00
db:	NVD	id:	CVE-2017-12819	date:	2017-10-04T01:29:02.183