cvelistv5 - cve-2017-7918

CVE-2017-7918 (GCVE-0-2017-7918)

Vulnerability from cvelistv5 – Published: 2017-06-21 19:00 – Updated: 2024-08-05 16:19

Summary

Severity ?

No CVSS data available.

CWE

CWE-284

Assigner

icscert

References

URL

	Vendor	Product	Version
	n/a	Cambium Networks ePMP	Affected: Cambium Networks ePMP

CNVD-2017-14370

Vulnerability from cnvd - Published: 2017-07-13

Title

Cambium Networks ePMP访问控制错误漏洞

Description

Cambium Networks ePMP是美国Cambium Networks公司的一套无线网络接入平台。该平台提供视频监控、Wi-Fi热点和传感器连接等功能。 Cambium Networks ePMP中存在访问控制错误漏洞。远程攻击者可利用该漏洞获取敏感信息的访问权限或可能更改配置。

Severity

中

Patch Name

Cambium Networks ePMP访问控制错误漏洞的补丁

Patch Description

Cambium Networks ePMP是美国Cambium Networks公司的一套无线网络接入平台。该平台提供视频监控、Wi-Fi热点和传感器连接等功能。 Cambium Networks ePMP中存在访问控制错误漏洞。远程攻击者可利用该漏洞获取敏感信息的访问权限或可能更改配置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.cambiumnetworks.com/

Reference

http://www.securityfocus.com/bid/99083

Impacted products

Name
Cambium Networks ePMP 1000

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "99083"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7918"
    }
  },
  "description": "Cambium Networks ePMP\u662f\u7f8e\u56fdCambium Networks\u516c\u53f8\u7684\u4e00\u5957\u65e0\u7ebf\u7f51\u7edc\u63a5\u5165\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u89c6\u9891\u76d1\u63a7\u3001Wi-Fi\u70ed\u70b9\u548c\u4f20\u611f\u5668\u8fde\u63a5\u7b49\u529f\u80fd\u3002\r\n\r\nCambium Networks ePMP\u4e2d\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u53ef\u80fd\u66f4\u6539\u914d\u7f6e\u3002",
  "discovererName": "Karn Ganeshen",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.cambiumnetworks.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-14370",
  "openTime": "2017-07-13",
  "patchDescription": "Cambium Networks ePMP\u662f\u7f8e\u56fdCambium Networks\u516c\u53f8\u7684\u4e00\u5957\u65e0\u7ebf\u7f51\u7edc\u63a5\u5165\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u89c6\u9891\u76d1\u63a7\u3001Wi-Fi\u70ed\u70b9\u548c\u4f20\u611f\u5668\u8fde\u63a5\u7b49\u529f\u80fd\u3002\r\n\r\nCambium Networks ePMP\u4e2d\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u6216\u53ef\u80fd\u66f4\u6539\u914d\u7f6e\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cambium Networks ePMP\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cambium Networks ePMP 1000"
  },
  "referenceLink": "http://www.securityfocus.com/bid/99083",
  "serverity": "\u4e2d",
  "submitTime": "2017-06-22",
  "title": "Cambium Networks ePMP\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

GHSA-M8GH-987P-HRF6

Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36

Details

Severity ?

6.8 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7918"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-21T19:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.",
  "id": "GHSA-m8gh-987p-hrf6",
  "modified": "2022-05-13T01:36:14Z",
  "published": "2022-05-13T01:36:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7918"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99083"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201706-0663

Vulnerability from variot - Updated: 2023-12-18 13:44

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. Exploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0663",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "epmp 1000 hotspot",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 2000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp elevate",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000 hotspot",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 1000",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp 2000",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "epmp elevate",
        "scope": null,
        "trust": 0.8,
        "vendor": "cambium",
        "version": null
      },
      {
        "model": "networks epmp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cambium",
        "version": "1000"
      },
      {
        "model": "networks epmp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cambium",
        "version": "0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 1000",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp elevate",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 2000",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "epmp 1000 hotspot",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_elevate_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_elevate:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_2000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_2000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_hotspot_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000_hotspot:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Karn Ganeshen",
    "sources": [
      {
        "db": "BID",
        "id": "99083"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-7918",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2017-7918",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2017-14370",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.8,
            "id": "VHN-116121",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "LOW",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.1,
            "impactScore": 4.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "Low",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-7918",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-7918",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-14370",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201704-1052",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-116121",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes. The platform provides features such as video surveillance, Wi-Fi hotspots and sensor connectivity. \nExploiting these issues will allow attackers to bypass certain security restrictions and gain elevated privileges. Other attacks are also possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7918",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-166-01",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "99083",
        "trust": 2.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "8D7F7ADE-BEC5-43C4-9E06-76B64BF6626D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "id": "VAR-201706-0663",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      }
    ],
    "trust": 1.8230769
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:44:01.501000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.cambiumnetworks.com/"
      },
      {
        "title": "Cambium Networks ePMP Access Control Error Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/98071"
      },
      {
        "title": "Cambium Networks ePMP Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=100394"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-269",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-284",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-166-01"
      },
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/99083"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7918"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7918"
      },
      {
        "trust": 0.3,
        "url": "http://www.cambiumnetworks.com/products/access/epmp-1000/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "db": "BID",
        "id": "99083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-13T00:00:00",
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "date": "2017-06-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "date": "2017-06-14T00:00:00",
        "db": "BID",
        "id": "99083"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "date": "2017-06-21T19:29:00.400000",
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "date": "2017-04-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-116121"
      },
      {
        "date": "2017-06-14T00:00:00",
        "db": "BID",
        "id": "99083"
      },
      {
        "date": "2017-07-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005034"
      },
      {
        "date": "2019-10-09T23:29:57.890000",
        "db": "NVD",
        "id": "CVE-2017-7918"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cambium Networks ePMP Access Control Error Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Access control error",
    "sources": [
      {
        "db": "IVD",
        "id": "8d7f7ade-bec5-43c4-9e06-76b64bf6626d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201704-1052"
      }
    ],
    "trust": 0.8
  }
}

ICSA-17-166-01

Vulnerability from csaf_cisa - Published: 2017-06-15 00:00 - Updated: 2017-06-15 00:00

Summary

Cambium Networks ePMP

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Countries/areas deployed

Worldwide

Company headquarters location

Rolling Meadows, Illinois

Recommended Practices

NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.

Exploitability

Exploits that target these vulnerabilities are publicly available.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Karn Ganeshen"
        ],
        "summary": "identifying these vulnerabilities"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Rolling Meadows, Illinois",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the ICS -CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "Exploits that target these vulnerabilities are publicly available.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-166-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-17-166-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-17-166-01"
      }
    ],
    "title": "Cambium Networks ePMP",
    "tracking": {
      "current_release_date": "2017-06-15T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-17-166-01",
      "initial_release_date": "2017-06-15T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2017-06-15T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-17-166-01 Cambium Networks ePMP"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ePMP: All Models",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "ePMP"
          }
        ],
        "category": "vendor",
        "name": "Cambium Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7918",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.CVE-2017-7918 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7918"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-7922",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.CVE-2017-7922 has been assigned to this vulnerability. A CVSS v3 base score of 7.6 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7922"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Cambium recommends that users with the affected products should update to firmware version 3.4-RC7 or newer. This update can be found by logging in at the following location:",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.cambiumnetworks.com/login"
        },
        {
          "category": "mitigation",
          "details": "Cambium also recommends that users edit default SNMP configuration. Affected models come set with the default values of \u201cpublic\u201d and \u201cprivate\u201d for RO (read only) and RW (read write) community strings. Cambium recommends changing this to a random string consisting of eight or more characters in length, including both upper and lower case letters and numbers for variability.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

FKIE_CVE-2017-7918

Vulnerability from fkie_nvd - Published: 2017-06-21 19:29 - Updated: 2025-04-20 01:37

Severity ?

6.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/99083	Third Party Advisory, US Government Resource
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99083	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
cambium_networks	epmp_1000_firmware	-
cambium_networks	epmp_1000	-
cambium_networks	epmp_elevate_firmware	-
cambium_networks	epmp_elevate	-
cambium_networks	epmp_2000_firmware	-
cambium_networks	epmp_2000	-
cambium_networks	epmp_1000_hotspot_firmware	-
cambium_networks	epmp_1000_hotspot	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_1000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8AFE87-7DE5-4D09-AC45-DDD967939A37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A64386E5-D470-4D75-8DBC-1686285BE06F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_elevate_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1A9AA7F-3427-412B-A3D1-0F48E5FD3394",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_elevate:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44737752-57D7-4DB3-B9F4-D7E52189F511",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_2000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B140BE5-6FD1-4588-839E-461658EC851D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51C390E5-C5B7-449A-AFA1-8C746F08D7C6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cambium_networks:epmp_1000_hotspot_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "462EBA74-3C0D-427D-8993-BAC5383D8AF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cambium_networks:epmp_1000_hotspot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC142E94-06B3-4C18-A281-042B66AAB51E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de control de acceso incorrecto en Cambium Networks ePMP. Una vez un usuario v\u00e1lido haya empleado la exportaci\u00f3n de configuraci\u00f3n SNMP, un atacante podr\u00eda desencadenar de forma remota las copias de seguridad de la configuraci\u00f3n del dispositivo mediante MIB espec\u00edficos. Estas copias carecen de un control de acceso correcto y podr\u00edan permitir el acceso a informaci\u00f3n sensible y, posiblemente, permitir cambios en la configuraci\u00f3n."
    }
  ],
  "id": "CVE-2017-7918",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 4.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-21T19:29:00.400",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.securityfocus.com/bid/99083"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.securityfocus.com/bid/99083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2017-7918

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-7918

Aliases

CVE-2017-7918

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7918",
    "description": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.",
    "id": "GSD-2017-7918"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7918"
      ],
      "details": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes.",
      "id": "GSD-2017-7918",
      "modified": "2023-12-13T01:21:06.678852Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2017-7918",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cambium Networks ePMP",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cambium Networks ePMP"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-284"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "99083",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99083"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_elevate_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_elevate:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_2000_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_2000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cambium_networks:epmp_1000_hotspot_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cambium_networks:epmp_1000_hotspot:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7918"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive information and possibly allow for configuration changes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01"
            },
            {
              "name": "99083",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.securityfocus.com/bid/99083"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.0"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 4.7
        }
      },
      "lastModifiedDate": "2019-10-09T23:29Z",
      "publishedDate": "2017-06-21T19:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-7918 (GCVE-0-2017-7918)

CNVD-2017-14370

GHSA-M8GH-987P-HRF6

VAR-201706-0663

ICSA-17-166-01

FKIE_CVE-2017-7918

GSD-2017-7918

Tags

Sightings

Nomenclature