Details of VAR-201804-0382

ID

VAR-201804-0382

CVE

CVE-2017-14471

TITLE

Allen Bradley Micrologix 1400 Series B Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-013220

DESCRIPTION

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information, modification of settings, or modification of ladder logic. An attacker can send unauthenticated packets to trigger this vulnerability. Required Keyswitch State: REMOTE or PROG Associated Fault Codes: 0023, 002e, and 0037 Fault Type: Recoverable Description: The STI, EII, and HSC function files contain bits signifying whether or not a fault has occurred. Additionally there is a bit signaling the module to auto start. When these bits are set for any of the three modules and the device is moved into a run state, a fault is triggered. The AllenBradley Micrologix 1400 SeriesBFRN is a programmable logic controller from Rockwell Automation

Trust: 2.43

sources: NVD: CVE-2017-14471 // JVNDB: JVNDB-2017-013220 // CNVD: CNVD-2018-08281 // IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // VULHUB: VHN-105197

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // CNVD: CNVD-2018-08281

AFFECTED PRODUCTS

vendor:	rockwellautomation	model:	micrologix 1400 b	scope:	lte	version:	21.2	Trust: 1.0
vendor:	rockwell automation	model:	allen-bradley micrologix	scope:	lte	version:	1400 series b frn 21.2	Trust: 0.8
vendor:	rockwell	model:	automation allen bradley micrologix series b frn	scope:	eq	version:	1400<=21.2	Trust: 0.6
vendor:	rockwellautomation	model:	micrologix 1400 b	scope:	eq	version:	21.2	Trust: 0.6
vendor:	micrologix 1400 b	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // CNVD: CNVD-2018-08281 // JVNDB: JVNDB-2017-013220 // CNNVD: CNNVD-201709-550 // NVD: CVE-2017-14471

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-14471
value:	CRITICAL
Trust: 1.0
talos-cna@cisco.com:	CVE-2017-14471
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-14471
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-08281
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201709-550
value:	CRITICAL
Trust: 0.6
IVD:	e2ecc76e-39ab-11e9-970d-000c29342cb1
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-105197
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-14471
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-08281
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ecc76e-39ab-11e9-970d-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-105197
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-14471
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8
talos-cna@cisco.com:	CVE-2017-14471
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	6.0
version:	3.0
Trust: 1.0

sources: IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // CNVD: CNVD-2018-08281 // VULHUB: VHN-105197 // JVNDB: JVNDB-2017-013220 // CNNVD: CNNVD-201709-550 // NVD: CVE-2017-14471 // NVD: CVE-2017-14471

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-284	Trust: 0.9

sources: VULHUB: VHN-105197 // JVNDB: JVNDB-2017-013220 // NVD: CVE-2017-14471

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201709-550

TYPE

Access control error

Trust: 0.8

sources: IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // CNNVD: CNNVD-201709-550

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-013220

PATCH

title:

MicroLogix 1400 Programmable Logic Controller Systems

url:

https://ab.rockwellautomation.com/Programmable-Controllers/MicroLogix-1400

Trust: 0.8

sources: JVNDB: JVNDB-2017-013220

EXTERNAL IDS

db:	NVD	id:	CVE-2017-14471	Trust: 3.3
db:	TALOS	id:	TALOS-2017-0443	Trust: 3.1
db:	CNNVD	id:	CNNVD-201709-550	Trust: 0.9
db:	CNVD	id:	CNVD-2018-08281	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-013220	Trust: 0.8
db:	IVD	id:	E2ECC76E-39AB-11E9-970D-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-105197	Trust: 0.1

sources: IVD: e2ecc76e-39ab-11e9-970d-000c29342cb1 // CNVD: CNVD-2018-08281 // VULHUB: VHN-105197 // JVNDB: JVNDB-2017-013220 // CNNVD: CNNVD-201709-550 // NVD: CVE-2017-14471

REFERENCES

url:	https://www.talosintelligence.com/vulnerability_reports/talos-2017-0443	Trust: 3.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14471	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-14471	Trust: 0.8
url:	https://talosintelligence.com/vulnerability_reports/talos-2017-0443	Trust: 0.6

sources: CNVD: CNVD-2018-08281 // VULHUB: VHN-105197 // JVNDB: JVNDB-2017-013220 // CNNVD: CNNVD-201709-550 // NVD: CVE-2017-14471

SOURCES

db:	IVD	id:	e2ecc76e-39ab-11e9-970d-000c29342cb1
db:	CNVD	id:	CNVD-2018-08281
db:	VULHUB	id:	VHN-105197
db:	JVNDB	id:	JVNDB-2017-013220
db:	CNNVD	id:	CNNVD-201709-550
db:	NVD	id:	CVE-2017-14471

LAST UPDATE DATE

2024-11-23T21:39:27.888000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08281	date:	2018-04-25T00:00:00
db:	VULHUB	id:	VHN-105197	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-013220	date:	2018-06-07T00:00:00
db:	CNNVD	id:	CNNVD-201709-550	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2017-14471	date:	2024-11-21T03:12:51.553

SOURCES RELEASE DATE

db:	IVD	id:	e2ecc76e-39ab-11e9-970d-000c29342cb1	date:	2018-04-25T00:00:00
db:	CNVD	id:	CNVD-2018-08281	date:	2018-04-25T00:00:00
db:	VULHUB	id:	VHN-105197	date:	2018-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2017-013220	date:	2018-06-07T00:00:00
db:	CNNVD	id:	CNNVD-201709-550	date:	2017-09-14T00:00:00
db:	NVD	id:	CVE-2017-14471	date:	2018-04-05T21:29:01.087