Details of VAR-202004-1382

ID

VAR-202004-1382

CVE

CVE-2017-18819

TITLE

NETGEAR ReadyNAS OS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2017-014979

DESCRIPTION

NETGEAR ReadyNAS OS 6 devices, running ReadyNAS OS versions prior to 6.8.0 are affected by incorrect configuration of security settings. NETGEAR ReadyNAS OS There is an unspecified vulnerability in.Information may be obtained. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

Trust: 1.71

sources: NVD: CVE-2017-18819 // JVNDB: JVNDB-2017-014979 // VULHUB: VHN-109979

AFFECTED PRODUCTS

vendor:	netgear	model:	readynas os	scope:	lt	version:	6.8.0	Trust: 1.0
vendor:	netgear	model:	readynas os	scope:	gte	version:	6.0	Trust: 1.0
vendor:	netgear	model:	readynas os	scope:	eq	version:	6.8.0	Trust: 0.8

sources: JVNDB: JVNDB-2017-014979 // NVD: CVE-2017-18819

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-18819
value:	LOW
Trust: 1.0
cve@mitre.org:	CVE-2017-18819
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2017-014979
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-202004-1838
value:	LOW
Trust: 0.6
VULHUB:	VHN-109979
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-18819
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2017-014979
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-109979
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-18819
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	1.4
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2017-18819
baseSeverity:	MEDIUM
baseScore:	4.0
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.5
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	JVNDB-2017-014979
baseSeverity:	LOW
baseScore:	3.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-109979 // JVNDB: JVNDB-2017-014979 // CNNVD: CNNVD-202004-1838 // NVD: CVE-2017-18819 // NVD: CVE-2017-18819

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2017-18819

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202004-1838

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202004-1838

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014979

PATCH

title:	Security Advisory for Security Misconfiguration Vulnerability on Some ReadyNAS devices, PSV-2017-0289	url:	https://kb.netgear.com/000049046/Security-Advisory-for-Security-Misconfiguration-Vulnerability-on-Some-ReadyNAS-devices-PSV-2017-0289	Trust: 0.8
title:	NETGEAR ReadyNAS OS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116314	Trust: 0.6

sources: JVNDB: JVNDB-2017-014979 // CNNVD: CNNVD-202004-1838

EXTERNAL IDS

db:	NVD	id:	CVE-2017-18819	Trust: 2.5
db:	JVNDB	id:	JVNDB-2017-014979	Trust: 0.8
db:	CNNVD	id:	CNNVD-202004-1838	Trust: 0.7
db:	VULHUB	id:	VHN-109979	Trust: 0.1

sources: VULHUB: VHN-109979 // JVNDB: JVNDB-2017-014979 // CNNVD: CNNVD-202004-1838 // NVD: CVE-2017-18819

REFERENCES

url:	https://kb.netgear.com/000049046/security-advisory-for-security-misconfiguration-vulnerability-on-some-readynas-devices-psv-2017-0289	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-18819	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18819	Trust: 0.8

sources: VULHUB: VHN-109979 // JVNDB: JVNDB-2017-014979 // CNNVD: CNNVD-202004-1838 // NVD: CVE-2017-18819

SOURCES

db:	VULHUB	id:	VHN-109979
db:	JVNDB	id:	JVNDB-2017-014979
db:	CNNVD	id:	CNNVD-202004-1838
db:	NVD	id:	CVE-2017-18819

LAST UPDATE DATE

2024-11-23T22:25:32.628000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-109979	date:	2020-04-29T00:00:00
db:	JVNDB	id:	JVNDB-2017-014979	date:	2020-05-27T00:00:00
db:	CNNVD	id:	CNNVD-202004-1838	date:	2020-04-30T00:00:00
db:	NVD	id:	CVE-2017-18819	date:	2024-11-21T03:21:00.140

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-109979	date:	2020-04-21T00:00:00
db:	JVNDB	id:	JVNDB-2017-014979	date:	2020-05-27T00:00:00
db:	CNNVD	id:	CNNVD-202004-1838	date:	2020-04-21T00:00:00
db:	NVD	id:	CVE-2017-18819	date:	2020-04-21T15:15:14.177