Details of VAR-201906-0705

ID

VAR-201906-0705

CVE

CVE-2014-9699

TITLE

MakerBot Industries Replicator 5G printer Information Disclosure Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-25691 // CNNVD: CNNVD-201906-915

DESCRIPTION

The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server. MakerBot Replicator 5G There is an information disclosure vulnerability in the printer.Information may be obtained. MakerBotIndustriesReplicator5Gprinter is a fifth-generation 3D printer from MakerBotIndustries, USA. via an HTTP server. MakerBot Industries Replicator 5G printer is a fifth-generation 3D printer produced by MakerBot Industries of the United States

Trust: 2.25

sources: NVD: CVE-2014-9699 // JVNDB: JVNDB-2019-005970 // CNVD: CNVD-2019-25691 // VULHUB: VHN-77644

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-25691

AFFECTED PRODUCTS

vendor:	makerbot	model:	replicator 5th generation	scope:	eq	version:	-	Trust: 1.0
vendor:	makerbot	model:	replicator 5g generation	scope:	-	version:	-	Trust: 0.8
vendor:	makerbot	model:	industries replicator 5g printer	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2019-25691 // JVNDB: JVNDB-2019-005970 // NVD: CVE-2014-9699

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-9699
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-9699
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-25691
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201906-915
value:	HIGH
Trust: 0.6
VULHUB:	VHN-77644
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-9699
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-25691
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-77644
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2014-9699
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-25691 // VULHUB: VHN-77644 // JVNDB: JVNDB-2019-005970 // CNNVD: CNNVD-201906-915 // NVD: CVE-2014-9699

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-77644 // JVNDB: JVNDB-2019-005970 // NVD: CVE-2014-9699

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201906-915

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201906-915

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005970

PATCH

title:	MakerBot Desktop Release Notes	url:	https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520	Trust: 0.8
title:	MakerBotIndustriesReplicator5Gprinter Information Disclosure Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/172783	Trust: 0.6
title:	MakerBot Industries Replicator 5G printer Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94044	Trust: 0.6

sources: CNVD: CNVD-2019-25691 // JVNDB: JVNDB-2019-005970 // CNNVD: CNNVD-201906-915

EXTERNAL IDS

db:	NVD	id:	CVE-2014-9699	Trust: 3.1
db:	JVNDB	id:	JVNDB-2019-005970	Trust: 0.8
db:	CNNVD	id:	CNNVD-201906-915	Trust: 0.7
db:	CNVD	id:	CNVD-2019-25691	Trust: 0.6
db:	VULHUB	id:	VHN-77644	Trust: 0.1

sources: CNVD: CNVD-2019-25691 // VULHUB: VHN-77644 // JVNDB: JVNDB-2019-005970 // CNNVD: CNNVD-201906-915 // NVD: CVE-2014-9699

REFERENCES

url:	https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520	Trust: 2.3
url:	https://secur3.us/index.php/vulnerabilities/	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2014-9699	Trust: 2.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9699	Trust: 0.8

sources: CNVD: CNVD-2019-25691 // VULHUB: VHN-77644 // JVNDB: JVNDB-2019-005970 // CNNVD: CNNVD-201906-915 // NVD: CVE-2014-9699

SOURCES

db:	CNVD	id:	CNVD-2019-25691
db:	VULHUB	id:	VHN-77644
db:	JVNDB	id:	JVNDB-2019-005970
db:	CNNVD	id:	CNNVD-201906-915
db:	NVD	id:	CVE-2014-9699

LAST UPDATE DATE

2024-11-23T22:30:01.348000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-25691	date:	2019-08-02T00:00:00
db:	VULHUB	id:	VHN-77644	date:	2019-07-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-005970	date:	2019-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201906-915	date:	2019-07-08T00:00:00
db:	NVD	id:	CVE-2014-9699	date:	2024-11-21T02:21:28.413

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-25691	date:	2019-08-02T00:00:00
db:	VULHUB	id:	VHN-77644	date:	2019-06-24T00:00:00
db:	JVNDB	id:	JVNDB-2019-005970	date:	2019-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201906-915	date:	2019-06-24T00:00:00
db:	NVD	id:	CVE-2014-9699	date:	2019-06-24T21:15:11.270