VAR-201703-0660
Vulnerability from variot - Updated: 2023-12-18 13:34An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access. Schneider Electric Wonderware Intelligence is a set of industrial big data intelligent management solutions from Schneider Electric. The solution provides visual query and analysis capabilities for industrial big data. Electric Tableau Server/Desktop is the server side and the desktop. This may lead to further attacks. The following products are vulnerable: Wonderware Intelligence Tableau Analytics Dashboard Server 7.0 through 10.1.3 Wonderware Intelligence Tableau Analytics Client 7.0 through 10.1.3 Versions prior to Wonderware Intelligence Wonderware Intelligence 2014 R3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0660",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tableau desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "7.0"
},
{
"model": "tableau server",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "7.0"
},
{
"model": "tableau desktop",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "10.1.3"
},
{
"model": "tableau server",
"scope": "eq",
"trust": 1.6,
"vendor": "schneider electric",
"version": "10.1.3"
},
{
"model": "wonderware intelligence",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "2014"
},
{
"model": "wonderware intelligence tableau analytics client",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider electric",
"version": "10.1.3"
},
{
"model": "wonderware intelligence tableau analytics client",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider electric",
"version": "7.0"
},
{
"model": "wonderware intelligence tableau analytics dashboard server",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider electric",
"version": "10.1.3"
},
{
"model": "wonderware intelligence tableau analytics dashboard server",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider electric",
"version": "7.0"
},
{
"model": "tableau desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.0 to 10.1.3"
},
{
"model": "tableau server",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.0 to 10.1.3"
},
{
"model": "wonderware intelligence",
"scope": "lte",
"trust": 0.8,
"vendor": "schneider electric",
"version": "2014r3"
},
{
"model": "wonderware intelligence tableau analytics client",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "wonderware intelligence",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "2014"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tableau desktop",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tableau desktop",
"version": "10.1.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tableau server",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "tableau server",
"version": "10.1.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intelligence",
"version": "*"
},
{
"model": "wonderware intelligence wonderware intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "wonderware intelligence wonderware intelligence r3",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2014"
},
{
"model": "wonderware intelligence tableau analytics dashboard server",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "10.1.4"
},
{
"model": "wonderware intelligence tableau analytics client",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "10.1.4"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "BID",
"id": "96721"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_desktop:10.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:tableau_server:10.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:wonderware_intelligence:*:r3:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5178"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "96721"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5178",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-5178",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-03075",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-113381",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5178",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5178",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-03075",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-353",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-113381",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-5178",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access. Schneider Electric Wonderware Intelligence is a set of industrial big data intelligent management solutions from Schneider Electric. The solution provides visual query and analysis capabilities for industrial big data. Electric Tableau Server/Desktop is the server side and the desktop. This may lead to further attacks. \nThe following products are vulnerable:\nWonderware Intelligence Tableau Analytics Dashboard Server 7.0 through 10.1.3\nWonderware Intelligence Tableau Analytics Client 7.0 through 10.1.3\nVersions prior to Wonderware Intelligence Wonderware Intelligence 2014 R3",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "BID",
"id": "96721"
},
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5178",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSA-17-066-01",
"trust": 3.5
},
{
"db": "BID",
"id": "96721",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2017-03075",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D7FEB10-463F-11E9-8E54-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "B1597A71-B107-42CA-BD83-9CAE3C1A9195",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-113381",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-5178",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"db": "BID",
"id": "96721"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"id": "VAR-201703-0660",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULHUB",
"id": "VHN-113381"
}
],
"trust": 1.85
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
}
]
},
"last_update_date": "2023-12-18T13:34:18.894000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "LFSEC00000119",
"trust": 0.8,
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
},
{
"title": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Default Credential Security Restricted Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/90673"
},
{
"title": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67840"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/privilege-escalation-flaw-patched-in-schneider-wonderware/124217/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1188",
"trust": 1.0
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-066-01"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/96721"
},
{
"trust": 1.8,
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5178"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5178"
},
{
"trust": 0.3,
"url": "www.controlmicrosystems.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/1188.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=52969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/privilege-escalation-flaw-patched-in-schneider-wonderware/124217/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"db": "BID",
"id": "96721"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"db": "VULHUB",
"id": "VHN-113381"
},
{
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"db": "BID",
"id": "96721"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-22T00:00:00",
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"date": "2017-03-22T00:00:00",
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"date": "2017-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"date": "2017-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-113381"
},
{
"date": "2017-03-08T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"date": "2017-03-07T00:00:00",
"db": "BID",
"id": "96721"
},
{
"date": "2017-04-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"date": "2017-03-08T08:59:00.160000",
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"date": "2017-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-03075"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-113381"
},
{
"date": "2021-06-04T00:00:00",
"db": "VULMON",
"id": "CVE-2017-5178"
},
{
"date": "2017-03-16T01:00:00",
"db": "BID",
"id": "96721"
},
{
"date": "2017-04-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002291"
},
{
"date": "2021-06-04T14:19:35.500000",
"db": "NVD",
"id": "CVE-2017-5178"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Wonderware Intelligence Electric Tableau Server/Desktop Default Credential Security Restriction Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7feb10-463f-11e9-8e54-000c29342cb1"
},
{
"db": "IVD",
"id": "b1597a71-b107-42ca-bd83-9cae3c1a9195"
},
{
"db": "CNVD",
"id": "CNVD-2017-03075"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-353"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…