CVE-2017-17974

Опубликовано: 29 дек. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative access by subsequently using the credential information for the Supervisor/Administrator account.

Ссылки

http://misteralfa-hack.blogspot.cl/2017/12/ba-system-improper-access-control.html
Exploit
Third Party Advisory
https://github.com/ezelf/baCK_system
Third Party Advisory
http://misteralfa-hack.blogspot.cl/2017/12/ba-system-improper-access-control.html
Exploit
Third Party Advisory
https://github.com/ezelf/baCK_system
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:basystems:bas920_firmware:01.01.00:*:*:*:*:*:*:*

cpe:2.3:h:basystems:bas920:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:basystems:isc2000_firmware:01.01.00:*:*:*:*:*:*:*

cpe:2.3:h:basystems:isc2000:-:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00458

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-mwhh-pvh6-rh64