CVE-2017-12736

Опубликовано: 26 дек. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 5.8

EPSS Низкий

Описание

After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to write to the device under certain conditions.

This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions.

Ссылки

http://www.securityfocus.com/bid/101041
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039463
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039464
Third Party Advisory
VDB Entry
https://cert-portal.siemens.com/productcert/html/ssa-856721.html
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf
Issue Tracking
Mitigation
Vendor Advisory
http://www.securityfocus.com/bid/101041
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039463
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039464
Third Party Advisory
VDB Entry
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-856721.pdf
Issue Tracking
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*

Версия от 3.0 (включая)

cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*

Версия от 3.0 (включая)

cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*

Версия от 3.0 (включая)

cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:siemens:scalance_xr300-wg_firmware:*:*:*:*:*:*:*:*

Версия от 3.0 (включая)

cpe:2.3:h:siemens:scalance_xr300-wg:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:siemens:scalance_xr-500_firmware:*:*:*:*:*:*:*:*

Версия от 6.1 (включая)

cpe:2.3:h:siemens:scalance_xr-500:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*

Версия от 6.1 (включая)

cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*

Версия до 5.0.1 (исключая)

cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*

Конфигурация 8

Одновременно

cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*

Версия до 4.3.4 (исключая)

cpe:2.3:h:siemens:ruggedcom:-:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.00149

Низкий

8.8 High

CVSS3

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-1188

CWE-665

Связанные уязвимости

GHSA-wjv4-g95p-rg69

CVSS3: 8.8

github

больше 3 лет назад

A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions between V6.1 (including) and V6.1.1 (excluding)). After initial configuration, the Ruggedcom Discovery Protocol (RCDP) is still able to writeto the device under certain conditions, potentially allowing users located in the adjacentnetwork of the targeted device to perform unauthorized administrative actions.

EPSS

Процентиль: 36%

0.00149

Низкий

8.8 High

CVSS3

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-1188

CWE-665