VAR-201605-0349
Vulnerability from variot - Updated: 2023-12-18 12:20Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlA third party may bypass authentication and change any settings. ESC 8832 is a web-based SCADA system from ESC Corporation of the United States. A security vulnerability exists in ESC 8832 3.02 and earlier. A remote attacker could exploit the vulnerability to unauthorizedly change the configuration. An authentication-bypass vulnerability 2. A privilege-escalation vulnerability An attacker can exploit these issues to bypass the authentication mechanism and to gain elevated privileges on an affected application. This may aid in further attacks. The vulnerability is caused by the program not handling sessions correctly
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esc 8832 data controller",
"scope": "lte",
"trust": 1.0,
"vendor": "envirosys",
"version": "3.02"
},
{
"model": "esc 8832 data controller",
"scope": "lte",
"trust": 0.8,
"vendor": "environmental",
"version": "3.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "esc",
"version": "8832\u003c=3.02"
},
{
"model": "esc 8832 data controller",
"scope": "eq",
"trust": 0.6,
"vendor": "envirosys",
"version": "3.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "esc 8832 data controller",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:envirosys:esc_8832_data_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.02",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4501"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp and Balazs Makany.",
"sources": [
{
"db": "BID",
"id": "90898"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4501",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-4501",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-03675",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-93320",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-4501",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4501",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-03675",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-649",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93320",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "VULHUB",
"id": "VHN-93320"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlA third party may bypass authentication and change any settings. ESC 8832 is a web-based SCADA system from ESC Corporation of the United States. A security vulnerability exists in ESC 8832 3.02 and earlier. A remote attacker could exploit the vulnerability to unauthorizedly change the configuration. An authentication-bypass vulnerability\n2. A privilege-escalation vulnerability\nAn attacker can exploit these issues to bypass the authentication mechanism and to gain elevated privileges on an affected application. This may aid in further attacks. The vulnerability is caused by the program not handling sessions correctly",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "BID",
"id": "90898"
},
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "VULHUB",
"id": "VHN-93320"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4501",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-147-01",
"trust": 3.1
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-03675",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964",
"trust": 0.8
},
{
"db": "BID",
"id": "90898",
"trust": 0.3
},
{
"db": "IVD",
"id": "4D3CC405-6675-4E6B-801B-53CCA2AD5808",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-93320",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "VULHUB",
"id": "VHN-93320"
},
{
"db": "BID",
"id": "90898"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"id": "VAR-201605-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "VULHUB",
"id": "VHN-93320"
}
],
"trust": 0.09
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
}
]
},
"last_update_date": "2023-12-18T12:20:30.559000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.envirosys.com/"
},
{
"title": "46415\uff1aEnvironmental Systems Corporation Data Controller Authentication Bypass Vulnerability",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=46415"
},
{
"title": "ESC 8832 is not authorized to patch vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/76665"
},
{
"title": "ESC 8832 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=61959"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93320"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-147-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4501"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4501"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "VULHUB",
"id": "VHN-93320"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"db": "VULHUB",
"id": "VHN-93320"
},
{
"db": "BID",
"id": "90898"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-30T00:00:00",
"db": "IVD",
"id": "4d3cc405-6675-4e6b-801b-53cca2ad5808"
},
{
"date": "2016-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"date": "2016-05-31T00:00:00",
"db": "VULHUB",
"id": "VHN-93320"
},
{
"date": "2016-05-26T00:00:00",
"db": "BID",
"id": "90898"
},
{
"date": "2016-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"date": "2016-05-31T01:59:08.337000",
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"date": "2016-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-03675"
},
{
"date": "2016-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-93320"
},
{
"date": "2016-05-26T00:00:00",
"db": "BID",
"id": "90898"
},
{
"date": "2016-06-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002964"
},
{
"date": "2016-06-07T14:23:30.477000",
"db": "NVD",
"id": "CVE-2016-4501"
},
{
"date": "2016-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Environmental Systems Corporation 8832 Data Controller Vulnerabilities that bypass authentication",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-649"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…