var-201702-0675
Vulnerability from variot
An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. WebAccess 8.1 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0675",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "eq",
"trust": 3.3,
"vendor": "advantech",
"version": "8.1"
},
{
"model": "webaccess",
"scope": null,
"trust": 0.7,
"vendor": "advantech",
"version": null
},
{
"model": "webaccess",
"scope": "ne",
"trust": 0.3,
"vendor": "advantech",
"version": "8.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "8.1"
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:advantech:webaccess:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable Network Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "BID",
"id": "95410"
}
],
"trust": 1.0
},
"cve": "CVE-2017-5154",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-5154",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2017-5154",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00553",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-113357",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5154",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5154",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2017-5154",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-00553",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-328",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-113357",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Advantech WebAccess Version 8.1. To be able to exploit the SQL injection vulnerability, an attacker must supply malformed input to the WebAccess software. Successful attack could result in administrative access to the application and its data files. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed.The specific flaw exists within updateTemplate.aspx. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. An attacker can use this vulnerability to disclose passwords of administrative accounts used by Advantech WebAccess. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. A SQL injection vulnerability exists in Advantech WebAccess version 8.1. Advantech WebAccess is prone to an SQL-injection vulnerability and an authentication-bypass vulnerability. \nAn attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, modify the logic of SQL queries, compromise the software, retrieve information, or modify data; other consequences are possible as well. \nWebAccess 8.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "VULHUB",
"id": "VHN-113357"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5154",
"trust": 4.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-012-01",
"trust": 3.4
},
{
"db": "BID",
"id": "95410",
"trust": 2.0
},
{
"db": "ZDI",
"id": "ZDI-17-043",
"trust": 1.6
},
{
"db": "TENABLE",
"id": "TRA-2017-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-00553",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3679",
"trust": 0.7
},
{
"db": "IVD",
"id": "F6A19415-1129-4719-AD81-C1D464552563",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-113357",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"id": "VAR-201702-0675",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
}
],
"trust": 1.33267184
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
}
]
},
"last_update_date": "2023-12-18T12:57:29.500000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advantech WebAccess",
"trust": 0.8,
"url": "http://www.advantech.com/industrial-automation/webaccess"
},
{
"title": "Advantech has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
},
{
"title": "Advantech WebAccess \u0027updateTemplate.aspx\u0027 SQL Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/88106"
},
{
"title": "Advantech WebAccess SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66985"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/95410"
},
{
"trust": 1.1,
"url": "https://www.tenable.com/security/research/tra-2017-04"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5154"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5154"
},
{
"trust": 0.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/"
},
{
"trust": 0.3,
"url": "http://webaccess.advantech.com"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-17-043/ "
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-012-01 "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"db": "VULHUB",
"id": "VHN-113357"
},
{
"db": "BID",
"id": "95410"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-18T00:00:00",
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"date": "2017-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-113357"
},
{
"date": "2017-01-12T00:00:00",
"db": "BID",
"id": "95410"
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"date": "2017-02-13T21:59:02.707000",
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-12T00:00:00",
"db": "ZDI",
"id": "ZDI-17-043"
},
{
"date": "2017-01-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00553"
},
{
"date": "2017-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-113357"
},
{
"date": "2017-01-23T04:05:00",
"db": "BID",
"id": "95410"
},
{
"date": "2017-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001616"
},
{
"date": "2017-11-03T01:29:07.733000",
"db": "NVD",
"id": "CVE-2017-5154"
},
{
"date": "2017-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess In SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001616"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "f6a19415-1129-4719-ad81-c1d464552563"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-328"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.