Sign-up

ID

VAR-201805-0355


CVE

CVE-2017-9664


TITLE

ABB SREA-01 and SREA-50 Path traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-013494

DESCRIPTION

In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP request which refers to files using ../../ relative paths. Once the internal password file is retrieved, the password hash can be identified using a brute force attack. There is also an exploit allowing running of commands after authorization. ABB SREA-01 and SREA-50 Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both ABBSREA-01 and SREA-50 are inverter adapters from Asea Brown Boveri (ABB), Switzerland. A directory traversal vulnerability exists in ABBSREA-01 and SREA-50. An attacker who successfully exploited the vulnerability could access files on the file system of the affected product, view the data, change the configuration, retrieve the password hash code, and send commands to connect to Authorized device. ABB SREA-01 and SREA-50 are prone to a directory-traversal vulnerability. Remote attackers may use a specially crafted request with directory-traversal sequences ('../') to retrieve sensitive information. This may aid in further attacks. The following products are affected: SREA-01 revisions A, B, C version 3.31.5 and prior. SREA-50 revision A version 3.32.8 and prior

Trust: 2.7

sources: NVD: CVE-2017-9664 // JVNDB: JVNDB-2017-013494 // CNVD: CNVD-2017-22843 // BID: 100260 // IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // VULHUB: VHN-117867

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // CNVD: CNVD-2017-22843

AFFECTED PRODUCTS

vendor:abbmodel:srea-01scope:lteversion:3.31.5

Trust: 1.8

vendor:abbmodel:srea-50scope:lteversion:3.32.8

Trust: 1.8

vendor:abbmodel:srea-01scope:lteversion:<=3.31.5

Trust: 0.6

vendor:abbmodel:srea-50scope:lteversion:<=3.32.8

Trust: 0.6

vendor:abbmodel:srea-01scope:eqversion:3.31.5

Trust: 0.6

vendor:abbmodel:srea-50scope:eqversion:3.32.8

Trust: 0.6

vendor:abbmodel:srea-50 ascope:eqversion:3.32.8

Trust: 0.3

vendor:abbmodel:srea-01 cscope:eqversion:3.31.5

Trust: 0.3

vendor:abbmodel:srea-01 bscope:eqversion:3.31.5

Trust: 0.3

vendor:abbmodel:srea-01 ascope:eqversion:3.31.5

Trust: 0.3

vendor:srea 50model: - scope:eqversion:*

Trust: 0.2

vendor:srea 01model: - scope:eqversion:*

Trust: 0.2

sources: IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // CNVD: CNVD-2017-22843 // BID: 100260 // JVNDB: JVNDB-2017-013494 // CNNVD: CNNVD-201706-573 // NVD: CVE-2017-9664

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-9664
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-9664
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-22843
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201706-573
value: CRITICAL

Trust: 0.6

IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee
value: CRITICAL

Trust: 0.2

VULHUB: VHN-117867
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-9664
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-22843
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-117867
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-9664
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // CNVD: CNVD-2017-22843 // VULHUB: VHN-117867 // JVNDB: JVNDB-2017-013494 // CNNVD: CNNVD-201706-573 // NVD: CVE-2017-9664

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

problemtype:CWE-23

Trust: 1.0

sources: VULHUB: VHN-117867 // JVNDB: JVNDB-2017-013494 // NVD: CVE-2017-9664

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-573

TYPE

Path traversal

Trust: 0.8

sources: IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // CNNVD: CNNVD-201706-573

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-013494

PATCH
title:SREA-01url:https://new.abb.com/products/TEMP.FIDRI3AUA0000039179
Trust: 0.8
title:SREA-50url:https://new.abb.com/products/ABB3AXD50000000263
Trust: 0.8
title:ABBSREA-01 and SREA-50 have patches for directory traversal vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/100829
Trust: 0.6
title:ABB SREA-01  and SREA-50 Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99845
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-22843 // 
            
            
            
            JVNDB: JVNDB-2017-013494 // 
            
            
            
            CNNVD: CNNVD-201706-573

EXTERNAL IDS
db:NVDid:CVE-2017-9664
Trust: 3.6
db:ICS CERTid:ICSA-17-222-05
Trust: 3.4
db:BIDid:100260
Trust: 2.0
db:CNNVDid:CNNVD-201706-573
Trust: 0.9
db:CNVDid:CNVD-2017-22843
Trust: 0.8
db:JVNDBid:JVNDB-2017-013494
Trust: 0.8
db:IVDid:4FDFE066-CC27-4BE8-9FF4-ECEE3B2345EE
Trust: 0.2
db:VULHUBid:VHN-117867
Trust: 0.1
sources:
            
            
            IVD: 4fdfe066-cc27-4be8-9ff4-ecee3b2345ee // 
            
            
            
            CNVD: CNVD-2017-22843 // 
            
            
            
            VULHUB: VHN-117867 // 
            
            
            
            BID: 100260 // 
            
            
            
            JVNDB: JVNDB-2017-013494 // 
            
            
            
            CNNVD: CNNVD-201706-573 // 
            
            
            
            NVD: CVE-2017-9664

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-17-222-05
Trust: 3.4
url:http://www.securityfocus.com/bid/100260
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9664
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-9664
Trust: 0.8
url:http://www.abb.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-22843 // 
            
            
            
            VULHUB: VHN-117867 // 
            
            
            
            BID: 100260 // 
            
            
            
            JVNDB: JVNDB-2017-013494 // 
            
            
            
            CNNVD: CNNVD-201706-573 // 
            
            
            
            NVD: CVE-2017-9664

CREDITS
Bertin Jose and Fernandez Ezequiel
Trust: 0.3
sources:
            
            
            BID: 100260

SOURCES
db:IVDid:4fdfe066-cc27-4be8-9ff4-ecee3b2345ee
db:CNVDid:CNVD-2017-22843
db:VULHUBid:VHN-117867
db:BIDid:100260
db:JVNDBid:JVNDB-2017-013494
db:CNNVDid:CNNVD-201706-573
db:NVDid:CVE-2017-9664

LAST UPDATE DATE
2024-11-23T21:38:58.278000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-22843date:2017-08-25T00:00:00
db:VULHUBid:VHN-117867date:2019-10-09T00:00:00
db:BIDid:100260date:2017-08-10T00:00:00
db:JVNDBid:JVNDB-2017-013494date:2018-07-23T00:00:00
db:CNNVDid:CNNVD-201706-573date:2019-10-17T00:00:00
db:NVDid:CVE-2017-9664date:2024-11-21T03:36:36.617

SOURCES RELEASE DATE
db:IVDid:4fdfe066-cc27-4be8-9ff4-ecee3b2345eedate:2017-08-25T00:00:00
db:CNVDid:CNVD-2017-22843date:2017-08-11T00:00:00
db:VULHUBid:VHN-117867date:2018-05-24T00:00:00
db:BIDid:100260date:2017-08-10T00:00:00
db:JVNDBid:JVNDB-2017-013494date:2018-07-23T00:00:00
db:CNNVDid:CNNVD-201706-573date:2017-06-15T00:00:00
db:NVDid:CVE-2017-9664date:2018-05-24T20:29:00.257