FKIE_CVE-2017-16743
Vulnerability from fkie_nvd - Published: 2018-01-12 20:29 - Updated: 2024-11-21 03:16
Severity ?
Summary
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service authentication allowing the attacker to obtain administrative privileges on the device.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://cert.vde.com/en-us/advisories/vde-2017-006 | ||
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en-us/advisories/vde-2017-006 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3005_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F748030-ECA1-4013-89EE-58FB506E302A",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3005:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD6E20C-23E3-4D04-879B-2AC6EF428947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3005t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FEE18F6-5F4C-4CB1-9B38-CA376D71612C",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3005t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "378D94CF-D885-42D4-8A0E-21CD748F6807",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3004t-fx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77DCA24C-FCB8-4979-B54B-A2A098711C43",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3004t-fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA9C98D8-21D3-45C1-B060-A9A9E2F3C097",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3004t-fx_st_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E01B45-DD15-41E4-945F-123B73360120",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3004t-fx_st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7741E125-4A42-49D9-B042-F9CE55635AAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3008_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB35B6F8-5D90-4604-884E-5C9B89AF2B91",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6CE354-013E-4F95-BC30-1C9B319EBED2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3008t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C25D258-044B-47AE-A668-AAD287D8974D",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3008t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AABEF33-10A0-4799-B838-56EDD19DA0C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3006t-2fx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49A89D53-44D8-4023-B064-B7B448181A2D",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3006t-2fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "183345F0-1A43-4721-99C1-6F1A7DF951C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3006t-2fx_st_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB79BD9B-F638-44A4-B48A-35FCB11A9F3B",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3006t-2fx_st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "745B393D-B1D4-49B3-B869-54B103DDC09E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3012e-2sfx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B27A1E3E-5286-44B0-832E-7DE36973537B",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3012e-2sfx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E73E8DE-CCC4-43EC-8DD5-B8F75EA06A79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3016e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326D8451-B4FA-4888-9CA9-BD9695C825F6",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3016e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE50CC4-384B-499F-BC7D-E66AB2B8D42F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3016_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFEE95D9-F800-4620-A772-79999997C8D8",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE5BBAFE-2229-4472-BED8-30A5A2547746",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3016t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9948A68E-C0FA-4F57-9F33-C3D754A70247",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3016t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20E4B7B8-0BCF-4A6D-A1D6-D76D7B67277D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3006t-2fx_sm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDE07BD-7F3B-4708-8CA9-E8D0BFA75192",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3006t-2fx_sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94001A55-C569-4FD3-BB74-9EC7D85C1473",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4008t-2sfp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD96136-0226-4C50-AB20-23D43A59E6A1",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4008t-2sfp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDDB1D7-3E0C-4C06-B19F-A2FE8F6CC541",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4008t-2gt-4fx_sm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3384E849-9456-4BC2-97F7-F451302D607F",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4008t-2gt-4fx_sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB83F75C-61AD-4161-B7FC-815BB79DD84C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4008t-2gt-3fx_sm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95C6B3B8-C472-4891-BFB4-0D8BD2FB3EA1",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4008t-2gt-3fx_sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59A8884E-A04E-4A52-9CE6-8EE210F6CA8A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx_lc-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90EC16BB-4437-4F6D-AF6F-98DEDC88B3A3",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx_lc-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2ACFB7-4685-48F2-8741-AD0ECFC8804E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx_sm-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95548922-A0F4-4820-8F0B-D1A9FB65783C",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx_sm-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "640ECB9C-3D8C-4BCD-A0AF-AA79DE508FD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx_sm_st-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D422D38-9E5A-418E-B0BF-152B703968D7",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx_sm_st-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24767260-220D-40D2-82D4-944DD1557C68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx_st-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A20C94-DC20-4CC7-9DFC-2F57DCE3A2EF",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx_st-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1D7163-5489-47A3-B6DF-13C2C137CD39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34E26731-B310-47D8-99CC-752074944397",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4CF1D6-AEB2-4A75-959A-81F70FE7A634",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4808e-16fx_sm_lc-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68E7EE37-9E84-4722-AE22-25AF3D402FA3",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4808e-16fx_sm_lc-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A11C522-B022-4F38-9DE9-189BAB367CA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4012t_2gt_2fx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC5F84EB-9E88-4958-9ECD-E8D428715495",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4012t_2gt_2fx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8A0E7B-0B6D-496C-81A4-077C4D1BA2BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4012t-2gt-2fx_st_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "487FB566-6913-4535-A74F-2244A0E2F288",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4012t-2gt-2fx_st:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67F3A41E-72FA-4876-B29C-810A83237E74",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4824e-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA669231-0327-4D71-976C-50961CCFFBD1",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4824e-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AF48CE-231F-42F9-BF50-B3E8FB49D0F0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4800e-24fx-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81C8FF1E-3FF5-47FA-83FA-3A74DA5BAA87",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4800e-24fx-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5516A419-3B65-4866-91AD-7824C7D93A1E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4800e-24fx_sm-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3535FEAD-26DA-46EA-BE51-119A8F7F152E",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4800e-24fx_sm-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D8EBCA-D4C9-4698-B0A6-78796228ABD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4800e-24fx_sm-4gc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3535FEAD-26DA-46EA-BE51-119A8F7F152E",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4800e-24fx_sm-4gc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D8EBCA-D4C9-4698-B0A6-78796228ABD7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_3012e-2fx_sm_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B487717-1253-4A30-8936-507039003258",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_3012e-2fx_sm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E13750CC-A1ED-4AC5-BE05-C70B0A8E697D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:phoenixcontact:fl_switch_4000t-8poe-2sfp-r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D440E3E-FF36-4584-ACC9-C3DAE50930E1",
"versionEndIncluding": "1.32",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:phoenixcontact:fl_switch_4000t-8poe-2sfp-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C8DB2C-0647-42FC-A401-264A6A00621E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service authentication allowing the attacker to obtain administrative privileges on the device."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de autorizaci\u00f3n indebida en productos PHOENIX CONTACT FL SWITCH 3xxx, 4xxx y 48xxx Series que ejecutan las versiones de firmware 1.0 a 1.32. Un atacante remoto no autenticado podr\u00eda manipular peticiones HTTP especiales que permiten que un atacante omita la autenticaci\u00f3n del servicio web. Esto permitir\u00eda que el atacante obtenga privilegios de administrador en el dispositivo."
}
],
"id": "CVE-2017-16743",
"lastModified": "2024-11-21T03:16:53.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-12T20:29:00.387",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-006"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…