Sign-up

ID

VAR-201808-0077


CVE

CVE-2017-16744


TITLE

Tridium Niagara AX Framework and Niagara 4 Framework Path Traversal Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2018-15731 // CNNVD: CNNVD-201808-568

DESCRIPTION

A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials. Tridium Niagara AX Framework and Niagara 4 Framework are both IoT business application frameworks from Tridium. The vulnerability stems from the program's insufficient filtering of user-submitted input. A remote attacker could use this vulnerability to obtain sensitive information with valid platform administrator credentials. Tridium Niagara is prone to directory-traversal vulnerability and authentication-bypass vulnerability because the application fails to sufficiently sanitize user-supplied input

Trust: 3.24

sources: NVD: CVE-2017-16744 // JVNDB: JVNDB-2017-014181 // CNVD: CNVD-2018-15731 // CNNVD: CNNVD-201808-568 // BID: 105101 // IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // VULMON: CVE-2017-16744

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // CNVD: CNVD-2018-15731

AFFECTED PRODUCTS

vendor:tridiummodel:niagara ax frameworkscope:lteversion:3.8

Trust: 1.8

vendor:tridiummodel:niagarascope:gteversion:4.0

Trust: 1.0

vendor:tridiummodel:niagarascope:lteversion:4.4

Trust: 1.0

vendor:tridiummodel:niagara ax frameworkscope:eqversion:3.8

Trust: 0.9

vendor:tridiummodel:niagarascope:lteversion:4 systems 4.4

Trust: 0.8

vendor:tridiummodel:niagara ax frameworkscope:lteversion:<=3.8

Trust: 0.6

vendor:tridiummodel:niagara frameworkscope:eqversion:4<=4.4

Trust: 0.6

vendor:tridiummodel:niagarascope:eqversion:4.2

Trust: 0.6

vendor:tridiummodel:niagarascope:eqversion:4.4

Trust: 0.6

vendor:tridiummodel:niagarascope:eqversion:4.0

Trust: 0.6

vendor:tridiummodel:niagarascope:eqversion:4.3

Trust: 0.6

vendor:tridiummodel:niagarascope:eqversion:4.1

Trust: 0.6

vendor:tridiummodel:frameworkscope:eqversion:44.4

Trust: 0.3

vendor:niagaramodel: - scope:eqversion:*

Trust: 0.2

vendor:niagara ax frameworkmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // CNVD: CNVD-2018-15731 // BID: 105101 // JVNDB: JVNDB-2017-014181 // CNNVD: CNNVD-201808-568 // NVD: CVE-2017-16744

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-16744
value: HIGH

Trust: 1.0

NVD: CVE-2017-16744
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-15731
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201808-568
value: HIGH

Trust: 0.6

IVD: e2f8391e-39ab-11e9-8682-000c29342cb1
value: HIGH

Trust: 0.2

VULMON: CVE-2017-16744
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-16744
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-15731
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2f8391e-39ab-11e9-8682-000c29342cb1
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-16744
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // CNVD: CNVD-2018-15731 // VULMON: CVE-2017-16744 // JVNDB: JVNDB-2017-014181 // CNNVD: CNNVD-201808-568 // NVD: CVE-2017-16744

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2017-014181 // NVD: CVE-2017-16744

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-568

TYPE

Path traversal

Trust: 0.8

sources: IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // CNNVD: CNNVD-201808-568

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-014181

PATCH
title:New Security Update Releases for Niagara AX and Niagara 4url:https://www.tridium.com/~/media/tridium/library/documents/niagara%20ax%2038%20update%204niagara%2044%20update%201.ashx?la=en
Trust: 0.8
title:Patch for Tridium Niagara AX Framework and Niagara 4 Framework Path Traversal Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/138001
Trust: 0.6
title:Tridium Niagara AX Framework  and Niagara 4 Framework Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84154
Trust: 0.6
title:CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagaraurl:https://github.com/GainSec/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara 
Trust: 0.1
title: - url:https://github.com/khulnasoft-labs/awesome-security 
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-15731 // 
            
            
            
            VULMON: CVE-2017-16744 // 
            
            
            
            JVNDB: JVNDB-2017-014181 // 
            
            
            
            CNNVD: CNNVD-201808-568

EXTERNAL IDS
db:NVDid:CVE-2017-16744
Trust: 3.6
db:ICS CERTid:ICSA-18-191-03
Trust: 3.4
db:ICS CERTid:ICSA-19-022-01
Trust: 2.8
db:BIDid:105101
Trust: 2.0
db:CNVDid:CNVD-2018-15731
Trust: 0.8
db:CNNVDid:CNNVD-201808-568
Trust: 0.8
db:JVNDBid:JVNDB-2017-014181
Trust: 0.8
db:IVDid:E2F8391E-39AB-11E9-8682-000C29342CB1
Trust: 0.2
db:VULMONid:CVE-2017-16744
Trust: 0.1
sources:
            
            
            IVD: e2f8391e-39ab-11e9-8682-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2018-15731 // 
            
            
            
            VULMON: CVE-2017-16744 // 
            
            
            
            BID: 105101 // 
            
            
            
            JVNDB: JVNDB-2017-014181 // 
            
            
            
            CNNVD: CNNVD-201808-568 // 
            
            
            
            NVD: CVE-2017-16744

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-191-03
Trust: 3.4
url:https://ics-cert.us-cert.gov/advisories/icsa-19-022-01
Trust: 2.9
url:http://www.securityfocus.com/bid/105101
Trust: 2.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16744
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-16744
Trust: 0.8
url:https://www.tridium.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/22.html
Trust: 0.1
url:https://github.com/gainsec/cve-2017-16744-and-cve-2017-16748-tridium-niagara
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-15731 // 
            
            
            
            VULMON: CVE-2017-16744 // 
            
            
            
            BID: 105101 // 
            
            
            
            JVNDB: JVNDB-2017-014181 // 
            
            
            
            CNNVD: CNNVD-201808-568 // 
            
            
            
            NVD: CVE-2017-16744

CREDITS
Johnathan Gains and Leet Cyber Security.
Trust: 0.9
sources:
            
            
            BID: 105101 // 
            
            
            
            CNNVD: CNNVD-201808-568

SOURCES
db:IVDid:e2f8391e-39ab-11e9-8682-000c29342cb1
db:CNVDid:CNVD-2018-15731
db:VULMONid:CVE-2017-16744
db:BIDid:105101
db:JVNDBid:JVNDB-2017-014181
db:CNNVDid:CNNVD-201808-568
db:NVDid:CVE-2017-16744

LAST UPDATE DATE
2024-11-23T22:06:39.529000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-15731date:2018-08-21T00:00:00
db:VULMONid:CVE-2017-16744date:2019-04-03T00:00:00
db:BIDid:105101date:2019-01-23T07:00:00
db:JVNDBid:JVNDB-2017-014181date:2019-01-23T00:00:00
db:CNNVDid:CNNVD-201808-568date:2019-04-04T00:00:00
db:NVDid:CVE-2017-16744date:2024-11-21T03:16:53.327

SOURCES RELEASE DATE
db:IVDid:e2f8391e-39ab-11e9-8682-000c29342cb1date:2018-08-21T00:00:00
db:CNVDid:CNVD-2018-15731date:2018-08-21T00:00:00
db:VULMONid:CVE-2017-16744date:2018-08-20T00:00:00
db:BIDid:105101date:2018-08-16T00:00:00
db:JVNDBid:JVNDB-2017-014181date:2018-11-07T00:00:00
db:CNNVDid:CNNVD-201808-568date:2018-08-20T00:00:00
db:NVDid:CVE-2017-16744date:2018-08-20T21:29:00.683