VAR-201703-1057
Vulnerability from variot - Updated: 2023-12-18 12:29In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. Vendors have confirmed this vulnerability NSWA-1314 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The product supports real-time network threat protection, custom web filtering and dynamic control applications. A remote attacker can exploit this vulnerability to inject commands. Exploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application or hijack an arbitrary session and gain unauthorized access to the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web appliance",
"scope": "lt",
"trust": 1.4,
"vendor": "sophos",
"version": "4.3.1.2"
},
{
"model": "web appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "sophos",
"version": "4.3.1.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "sophos",
"version": "4.3.1.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.8.2"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.0"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "2.1.18"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.3.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.3"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.2.1.3"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.8.1.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.8.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.8.0"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.7.9.1"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.7.9"
},
{
"model": "web appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "4.3.1.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "BID",
"id": "97261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.3.1.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6183"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Russell Sanford, Kapil Khot and Russell Sanford.",
"sources": [
{
"db": "BID",
"id": "97261"
}
],
"trust": 0.3
},
"cve": "CVE-2017-6183",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-6183",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2017-05238",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-6183",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-6183",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-05238",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1382",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine\u0027s configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. Vendors have confirmed this vulnerability NSWA-1314 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) An attack may be carried out. The product supports real-time network threat protection, custom web filtering and dynamic control applications. A remote attacker can exploit this vulnerability to inject commands. \nExploiting these issues could allow an attacker to execute arbitrary commands in context of the affected application or hijack an arbitrary session and gain unauthorized access to the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "BID",
"id": "97261"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-6183",
"trust": 3.3
},
{
"db": "BID",
"id": "97261",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-05238",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "BID",
"id": "97261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"id": "VAR-201703-1057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
}
]
},
"last_update_date": "2023-12-18T12:29:45.032000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Version 4.3.1.2 Release Notes",
"trust": 0.8,
"url": "http://wsa.sophos.com/rn/swa/concepts/releasenotes_4.3.1.2.html"
},
{
"title": "Release of SWA v4.3.1.2",
"trust": 0.8,
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"title": "Patch for SophosWebAppliance Remote Command Injection Vulnerability (CNVD-2017-05238)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/92640"
},
{
"title": "Sophos Web Appliance Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68889"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://wsa.sophos.com/rn/swa/concepts/releasenotes_4.3.1.2.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/97261"
},
{
"trust": 1.6,
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6183"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6183"
},
{
"trust": 0.3,
"url": "http://www.splunk.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "BID",
"id": "97261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"db": "BID",
"id": "97261"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"date": "2017-03-31T00:00:00",
"db": "BID",
"id": "97261"
},
{
"date": "2017-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"date": "2017-03-30T17:59:00.243000",
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05238"
},
{
"date": "2017-04-04T00:02:00",
"db": "BID",
"id": "97261"
},
{
"date": "2017-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"date": "2017-04-04T15:24:53.780000",
"db": "NVD",
"id": "CVE-2017-6183"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sophos Web Appliance Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002798"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1382"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…