cnvd - cnvd-2017-20972

CNVD-2017-20972

Vulnerability from cnvd - Published: 2017-08-15

Title

Intercom MaLion for Windows和MaLion for Mac认证绕过漏洞

Description

Intercom MaLion for Windows和MaLion for Mac都是日本Intercom公司的产品。Intercom MaLion for Windows是一款基于Windows平台的IT资产管理解决方案。MaLion for Mac是基于Mac平台的版本。基于Windows平台的Intercom MaLion 5.2.1及之前的版本和基于Mac平台的MaLion 4.0.1版本至5.2.1版本中存在安全漏洞。远程攻击者可利用该漏洞在Terminal Agent上执行任意命令或操作。

Severity

高

Patch Name

Intercom MaLion for Windows和MaLion for Mac认证绕过漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://jvn.jp/en/vu/JVNVU91587298/index.html

Reference

https://jvn.jp/en/vu/JVNVU91587298/index.html

Impacted products

Name
['Intercom MaLion for Windows <=5.2.1', 'Intercom MaLion for Mac >=4.0.1，<=5.2.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-10815"
    }
  },
  "description": "Intercom MaLion for Windows\u548cMaLion for Mac\u90fd\u662f\u65e5\u672cIntercom\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intercom MaLion for Windows\u662f\u4e00\u6b3e\u57fa\u4e8eWindows\u5e73\u53f0\u7684IT\u8d44\u4ea7\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002MaLion for Mac\u662f\u57fa\u4e8eMac\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Intercom MaLion 5.2.1\u53ca\u4e4b\u524d\u7684\u7248\u672c\u548c\u57fa\u4e8eMac\u5e73\u53f0\u7684MaLion 4.0.1\u7248\u672c\u81f35.2.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728Terminal Agent\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u6216\u64cd\u4f5c\u3002",
  "discovererName": "Muneaki Nishimura of of Recruit Technologies Co.,Ltd. RED TEAM",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://jvn.jp/en/vu/JVNVU91587298/index.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-20972",
  "openTime": "2017-08-15",
  "patchDescription": "Intercom MaLion for Windows\u548cMaLion for Mac\u90fd\u662f\u65e5\u672cIntercom\u516c\u53f8\u7684\u4ea7\u54c1\u3002Intercom MaLion for Windows\u662f\u4e00\u6b3e\u57fa\u4e8eWindows\u5e73\u53f0\u7684IT\u8d44\u4ea7\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002MaLion for Mac\u662f\u57fa\u4e8eMac\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Intercom MaLion 5.2.1\u53ca\u4e4b\u524d\u7684\u7248\u672c\u548c\u57fa\u4e8eMac\u5e73\u53f0\u7684MaLion 4.0.1\u7248\u672c\u81f35.2.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728Terminal Agent\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u6216\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intercom MaLion for Windows\u548cMaLion for Mac\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intercom MaLion for Windows \u003c=5.2.1",
      "Intercom MaLion for Mac \u003e=4.0.1\uff0c\u003c=5.2.1"
    ]
  },
  "referenceLink": "https://jvn.jp/en/vu/JVNVU91587298/index.html",
  "serverity": "\u9ad8",
  "submitTime": "2017-08-07",
  "title": "Intercom MaLion for Windows\u548cMaLion for Mac\u8ba4\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2017-10815 (GCVE-0-2017-10815)

Vulnerability from cvelistv5 – Published: 2017-08-04 16:00 – Updated: 2024-08-05 17:50

Summary

MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent.

Severity ?

No CVSS data available.

CWE

Authentication bypass

Assigner

jpcert

References

URL

Tags

	http://www.intercom.co.jp/information/2017/0801.html	x_refsource_MISC
	https://jvn.jp/en/vu/JVNVU91587298/index.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

Intercom, Inc.

MaLion for Windows

Affected: 5.2.1 and earlier (only when "Remote Control" is installed)

Intercom, Inc.

MaLion for Mac

Affected: 4.0.1 to 5.2.1 (only when "Remote Control" is installed)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:50:12.095Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.intercom.co.jp/information/2017/0801.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/vu/JVNVU91587298/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MaLion for Windows",
          "vendor": "Intercom, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "5.2.1 and earlier (only when \"Remote Control\" is installed)"
            }
          ]
        },
        {
          "product": "MaLion for Mac",
          "vendor": "Intercom, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "4.0.1 to  5.2.1 (only when \"Remote Control\" is installed)"
            }
          ]
        }
      ],
      "datePublic": "2017-08-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MaLion for Windows 5.2.1 and earlier (only when \"Remote Control\" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when \"Remote Control\" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-11T01:57:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.intercom.co.jp/information/2017/0801.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/en/vu/JVNVU91587298/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2017-10815",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MaLion for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.2.1 and earlier (only when \"Remote Control\" is installed)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "MaLion for Mac",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.0.1 to  5.2.1 (only when \"Remote Control\" is installed)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intercom, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MaLion for Windows 5.2.1 and earlier (only when \"Remote Control\" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when \"Remote Control\" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.intercom.co.jp/information/2017/0801.html",
              "refsource": "MISC",
              "url": "http://www.intercom.co.jp/information/2017/0801.html"
            },
            {
              "name": "https://jvn.jp/en/vu/JVNVU91587298/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/en/vu/JVNVU91587298/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2017-10815",
    "datePublished": "2017-08-04T16:00:00",
    "dateReserved": "2017-07-04T00:00:00",
    "dateUpdated": "2024-08-05T17:50:12.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-20972

CVE-2017-10815 (GCVE-0-2017-10815)

Tags

Sightings

Nomenclature