Details of VAR-201804-0081

ID

VAR-201804-0081

CVE

CVE-2016-8371

TITLE

Phoenix Contact ILC Authentication Bypass Vulnerability

Trust: 0.8

sources: IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // CNVD: CNVD-2016-10998

DESCRIPTION

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. Phoenix Contact ProConOs and MultiProg are programmable logic controllers (PLCs) for industrial PCs from the Phoenix Contact group in Germany. Attackers may exploit these issues to gain unauthorized access to restricted content by bypassing intended security restrictions or to obtain sensitive information that may aid in launching further attacks

Trust: 2.7

sources: NVD: CVE-2016-8371 // JVNDB: JVNDB-2016-009005 // CNVD: CNVD-2016-10998 // BID: 94163 // IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // VULHUB: VHN-97191

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // CNVD: CNVD-2016-10998

AFFECTED PRODUCTS

vendor:	phoenixcontact	model:	ilc plcs	scope:	eq	version:	-	Trust: 1.6
vendor:	phoenix contact	model:	ilc programmable logic controller	scope:	-	version:	-	Trust: 0.8
vendor:	phoenix	model:	contact ilc plc	scope:	-	version:	-	Trust: 0.6
vendor:	phoenix	model:	contact ilc plc	scope:	eq	version:	0	Trust: 0.3
vendor:	ilc plcs	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // CNVD: CNVD-2016-10998 // BID: 94163 // JVNDB: JVNDB-2016-009005 // CNNVD: CNNVD-201611-314 // NVD: CVE-2016-8371

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-8371
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-8371
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10998
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201611-314
value:	HIGH
Trust: 0.6
IVD:	0211a82b-8961-455d-a8ed-a6f084997adb
value:	HIGH
Trust: 0.2
VULHUB:	VHN-97191
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-8371
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-10998
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	0211a82b-8961-455d-a8ed-a6f084997adb
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-97191
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-8371
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	3.4
version:	3.0
Trust: 1.8

sources: IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // CNVD: CNVD-2016-10998 // VULHUB: VHN-97191 // JVNDB: JVNDB-2016-009005 // CNNVD: CNNVD-201611-314 // NVD: CVE-2016-8371

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.9
problemtype:	CWE-592	Trust: 1.0

sources: VULHUB: VHN-97191 // JVNDB: JVNDB-2016-009005 // NVD: CVE-2016-8371

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-314

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201611-314

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-009005

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-97191

PATCH

title:	トップページ	url:	https://www.phoenixcontact.com/online/portal/jp?1dmy&urile=wcm%3apath%3a/jpja/web/home	Trust: 0.8
title:	Phoenix Contact ILC authentication bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/83811	Trust: 0.6
title:	Phoenix Contact ILC PLC Fixes for authentication bypassing vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65682	Trust: 0.6

sources: CNVD: CNVD-2016-10998 // JVNDB: JVNDB-2016-009005 // CNNVD: CNNVD-201611-314

EXTERNAL IDS

db:	NVD	id:	CVE-2016-8371	Trust: 3.6
db:	BID	id:	94163	Trust: 2.6
db:	EXPLOIT-DB	id:	45590	Trust: 1.1
db:	CNNVD	id:	CNNVD-201611-314	Trust: 0.9
db:	CNVD	id:	CNVD-2016-10998	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-009005	Trust: 0.8
db:	IVD	id:	0211A82B-8961-455D-A8ED-A6F084997ADB	Trust: 0.2
db:	PACKETSTORM	id:	149776	Trust: 0.1
db:	VULHUB	id:	VHN-97191	Trust: 0.1

sources: IVD: 0211a82b-8961-455d-a8ed-a6f084997adb // CNVD: CNVD-2016-10998 // VULHUB: VHN-97191 // BID: 94163 // JVNDB: JVNDB-2016-009005 // CNNVD: CNNVD-201611-314 // NVD: CVE-2016-8371

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-313-01	Trust: 2.8
url:	http://www.securityfocus.com/bid/94163	Trust: 2.3
url:	https://www.exploit-db.com/exploits/45590/	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8371	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-8371	Trust: 0.8
url:	https://www.phoenixcontact.com/online/portal/pc	Trust: 0.3

sources: CNVD: CNVD-2016-10998 // VULHUB: VHN-97191 // BID: 94163 // JVNDB: JVNDB-2016-009005 // CNNVD: CNNVD-201611-314 // NVD: CVE-2016-8371

CREDITS

Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg.

Trust: 0.9

sources: BID: 94163 // CNNVD: CNNVD-201611-314

SOURCES

db:	IVD	id:	0211a82b-8961-455d-a8ed-a6f084997adb
db:	CNVD	id:	CNVD-2016-10998
db:	VULHUB	id:	VHN-97191
db:	BID	id:	94163
db:	JVNDB	id:	JVNDB-2016-009005
db:	CNNVD	id:	CNNVD-201611-314
db:	NVD	id:	CVE-2016-8371

LAST UPDATE DATE

2024-11-23T22:17:36.478000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10998	date:	2016-11-14T00:00:00
db:	VULHUB	id:	VHN-97191	date:	2018-10-14T00:00:00
db:	BID	id:	94163	date:	2016-11-24T01:08:00
db:	JVNDB	id:	JVNDB-2016-009005	date:	2018-06-06T00:00:00
db:	CNNVD	id:	CNNVD-201611-314	date:	2018-12-04T00:00:00
db:	NVD	id:	CVE-2016-8371	date:	2024-11-21T02:59:14.550

SOURCES RELEASE DATE

db:	IVD	id:	0211a82b-8961-455d-a8ed-a6f084997adb	date:	2016-11-14T00:00:00
db:	CNVD	id:	CNVD-2016-10998	date:	2016-11-14T00:00:00
db:	VULHUB	id:	VHN-97191	date:	2018-04-05T00:00:00
db:	BID	id:	94163	date:	2016-11-08T00:00:00
db:	JVNDB	id:	JVNDB-2016-009005	date:	2018-06-06T00:00:00
db:	CNNVD	id:	CNNVD-201611-314	date:	2016-11-16T00:00:00
db:	NVD	id:	CVE-2016-8371	date:	2018-04-05T16:29:00.283