Details of VAR-201712-0537

ID

VAR-201712-0537

CVE

CVE-2017-17974

TITLE

BA SYSTEMS BAS920 Device and ISC2000 Vulnerabilities related to certificate and password management in devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-011894

DESCRIPTION

BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative access by subsequently using the credential information for the Supervisor/Administrator account. BA SYSTEMS BAS920 Device and ISC2000 The device contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The BAS920 and ISC2000 devices are programmable intelligent controller products from BA SYSTEMS, Denmark. BA SYSTEMS BAS Web is a building automation system running in it. A remote attacker can exploit this vulnerability to obtain sensitive information by sending a request to the isc/get_sid_js.aspx or isc/get_sid.aspx file

Trust: 2.52

sources: NVD: CVE-2017-17974 // JVNDB: JVNDB-2017-011894 // CNVD: CNVD-2018-02817 // IVD: e2e378a1-39ab-11e9-a899-000c29342cb1 // VULHUB: VHN-109050 // VULMON: CVE-2017-17974

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2e378a1-39ab-11e9-a899-000c29342cb1 // CNVD: CNVD-2018-02817

AFFECTED PRODUCTS

vendor:	basystems	model:	bas920	scope:	eq	version:	01.01.00	Trust: 1.6
vendor:	basystems	model:	isc2000	scope:	eq	version:	01.01.00	Trust: 1.6
vendor:	ba	model:	bas920	scope:	-	version:	-	Trust: 0.8
vendor:	ba	model:	isc2000	scope:	-	version:	-	Trust: 0.8
vendor:	ba	model:	systems bas920	scope:	eq	version:	01.01.00*	Trust: 0.6
vendor:	ba	model:	systems bas920 httpserv	scope:	eq	version:	00002	Trust: 0.6
vendor:	ba	model:	systems bas920 script	scope:	eq	version:	02.*	Trust: 0.6
vendor:	ba	model:	systems isc2000	scope:	eq	version:	01.01.00*	Trust: 0.6
vendor:	ba	model:	systems isc2000 httpserv	scope:	eq	version:	00002	Trust: 0.6
vendor:	ba	model:	systems isc2000 script	scope:	eq	version:	02.*	Trust: 0.6
vendor:	bas920	model:	-	scope:	eq	version:	01.01.00	Trust: 0.2
vendor:	isc2000	model:	-	scope:	eq	version:	01.01.00	Trust: 0.2

sources: IVD: e2e378a1-39ab-11e9-a899-000c29342cb1 // CNVD: CNVD-2018-02817 // JVNDB: JVNDB-2017-011894 // CNNVD: CNNVD-201801-043 // NVD: CVE-2017-17974

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-17974
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-17974
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-02817
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201801-043
value:	CRITICAL
Trust: 0.6
IVD:	e2e378a1-39ab-11e9-a899-000c29342cb1
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-109050
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2017-17974
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-17974
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-02817
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2e378a1-39ab-11e9-a899-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-109050
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-17974
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2e378a1-39ab-11e9-a899-000c29342cb1 // CNVD: CNVD-2018-02817 // VULHUB: VHN-109050 // VULMON: CVE-2017-17974 // JVNDB: JVNDB-2017-011894 // CNNVD: CNNVD-201801-043 // NVD: CVE-2017-17974

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-255	Trust: 0.9

sources: VULHUB: VHN-109050 // JVNDB: JVNDB-2017-011894 // NVD: CVE-2017-17974

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-043

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201801-043

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-011894

PATCH

title:

Top Page

url:

http://www.basystems.dk/home

Trust: 0.8

sources: JVNDB: JVNDB-2017-011894

EXTERNAL IDS

db:	NVD	id:	CVE-2017-17974	Trust: 3.4
db:	CNNVD	id:	CNNVD-201801-043	Trust: 0.9
db:	CNVD	id:	CNVD-2018-02817	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-011894	Trust: 0.8
db:	IVD	id:	E2E378A1-39AB-11E9-A899-000C29342CB1	Trust: 0.2
db:	SEEBUG	id:	SSVID-97286	Trust: 0.1
db:	VULHUB	id:	VHN-109050	Trust: 0.1
db:	VULMON	id:	CVE-2017-17974	Trust: 0.1

REFERENCES

url:	https://github.com/ezelf/back_system	Trust: 2.6
url:	http://misteralfa-hack.blogspot.cl/2017/12/ba-system-improper-access-control.html	Trust: 2.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17974	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-17974	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2018-02817 // VULHUB: VHN-109050 // VULMON: CVE-2017-17974 // JVNDB: JVNDB-2017-011894 // CNNVD: CNNVD-201801-043 // NVD: CVE-2017-17974

SOURCES

db:	IVD	id:	e2e378a1-39ab-11e9-a899-000c29342cb1
db:	CNVD	id:	CNVD-2018-02817
db:	VULHUB	id:	VHN-109050
db:	VULMON	id:	CVE-2017-17974
db:	JVNDB	id:	JVNDB-2017-011894
db:	CNNVD	id:	CNNVD-201801-043
db:	NVD	id:	CVE-2017-17974

LAST UPDATE DATE

2025-04-20T23:39:55.291000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-02817	date:	2018-02-06T00:00:00
db:	VULHUB	id:	VHN-109050	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2017-17974	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-011894	date:	2018-02-02T00:00:00
db:	CNNVD	id:	CNNVD-201801-043	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-17974	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	e2e378a1-39ab-11e9-a899-000c29342cb1	date:	2018-02-06T00:00:00
db:	CNVD	id:	CNVD-2018-02817	date:	2018-02-06T00:00:00
db:	VULHUB	id:	VHN-109050	date:	2017-12-29T00:00:00
db:	VULMON	id:	CVE-2017-17974	date:	2017-12-29T00:00:00
db:	JVNDB	id:	JVNDB-2017-011894	date:	2018-02-02T00:00:00
db:	CNNVD	id:	CNNVD-201801-043	date:	2018-01-03T00:00:00
db:	NVD	id:	CVE-2017-17974	date:	2017-12-29T21:29:00.237