VAR-201708-0164
Vulnerability from variot - Updated: 2023-12-18 12:02A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. plural Westermo The product contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. The WestermoMRD-305-DIN, MRD-315 and MRD-355 are all router products from Westermo, Sweden. There are security vulnerabilities in several Westermo devices. An attacker could exploit this vulnerability to decode traffic from other sources. A hard-coded credentials vulnerability 2. A cross-site request forgery vulnerability 3. A hard-coded cryptographic key vulnerability Attackers can exploit these issues to bypass authentication mechanisms, to perform unauthorized actions and gain access to the affected application and to read and modify intercepted traffic. The following products and versions are affected: Westermo MRD-305-DIN 1.7.5.0 previous version, MRD-315 1.7.5.0 previous version, MRD-355 1.7.5.0 previous version, MRD-455 1.7.5.0 previous version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0164",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mrd-315-din",
"scope": "eq",
"trust": 1.6,
"vendor": "westermo",
"version": null
},
{
"model": "mrd-455-din",
"scope": "eq",
"trust": 1.6,
"vendor": "westermo",
"version": null
},
{
"model": "mrd-355-din",
"scope": "eq",
"trust": 1.6,
"vendor": "westermo",
"version": null
},
{
"model": "mrd-305-din",
"scope": "eq",
"trust": 1.6,
"vendor": "westermo",
"version": null
},
{
"model": "mrd-305-din",
"scope": "lt",
"trust": 1.2,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-315",
"scope": "lt",
"trust": 1.2,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-355",
"scope": "lt",
"trust": 1.2,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-455",
"scope": "lt",
"trust": 1.2,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-305-din",
"scope": "lte",
"trust": 0.8,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-315",
"scope": "lte",
"trust": 0.8,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-355",
"scope": "lte",
"trust": 0.8,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-455",
"scope": "lte",
"trust": 0.8,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-455",
"scope": "eq",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-355",
"scope": "eq",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-315",
"scope": "eq",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-305-din",
"scope": "eq",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.5.0"
},
{
"model": "mrd-455",
"scope": "ne",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.7.0"
},
{
"model": "mrd-355",
"scope": "ne",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.7.0"
},
{
"model": "mrd-315",
"scope": "ne",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.7.0"
},
{
"model": "mrd-305-din",
"scope": "ne",
"trust": 0.3,
"vendor": "westermo",
"version": "1.7.7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mrd 305 din",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mrd 315 din",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mrd 355 din",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "mrd 455 din",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "BID",
"id": "100470"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westermo:mrd-305-din_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westermo:mrd-305-din:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westermo:mrd-315-din_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westermo:mrd-315-din:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westermo:mrd-355-din_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westermo:mrd-355-din:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westermo:mrd-455-din_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westermo:mrd-455-din:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5816"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mandar Jadhav from Qualys Security",
"sources": [
{
"db": "BID",
"id": "100470"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
],
"trust": 0.9
},
"cve": "CVE-2016-5816",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5816",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-30639",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23002",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-94635",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5816",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5816",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-30639",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-23002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1142",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-94635",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "VULHUB",
"id": "VHN-94635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. plural Westermo The product contains a vulnerability related to the use of hard-coded credentials.Information may be obtained. The WestermoMRD-305-DIN, MRD-315 and MRD-355 are all router products from Westermo, Sweden. There are security vulnerabilities in several Westermo devices. An attacker could exploit this vulnerability to decode traffic from other sources. A hard-coded credentials vulnerability\n2. A cross-site request forgery vulnerability\n3. A hard-coded cryptographic key vulnerability\nAttackers can exploit these issues to bypass authentication mechanisms, to perform unauthorized actions and gain access to the affected application and to read and modify intercepted traffic. The following products and versions are affected: Westermo MRD-305-DIN 1.7.5.0 previous version, MRD-315 1.7.5.0 previous version, MRD-355 1.7.5.0 previous version, MRD-455 1.7.5.0 previous version",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "BID",
"id": "100470"
},
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "VULHUB",
"id": "VHN-94635"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-17-236-01",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2016-5816",
"trust": 3.6
},
{
"db": "BID",
"id": "100470",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-30639",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-23002",
"trust": 0.6
},
{
"db": "IVD",
"id": "3100F3C9-AB5E-47F9-82FC-013B68B6C3C8",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94635",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "VULHUB",
"id": "VHN-94635"
},
{
"db": "BID",
"id": "100470"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"id": "VAR-201708-0164",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "VULHUB",
"id": "VHN-94635"
}
],
"trust": 2.243055575
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 1.2
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
}
]
},
"last_update_date": "2023-12-18T12:02:37.761000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Wireless routers",
"trust": 0.8,
"url": "http://www.westermo.us/web/web_en_idc_us.nsf/alldocuments/b84901de5cc4368dc12578930031f1bc"
},
{
"title": "Multiple Westermo devices hardcode patches that use encryption key vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/104054"
},
{
"title": "Patches for several Westermo router hardcoded password vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/100885"
},
{
"title": "Multiple Westermo Repair measures for device security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74300"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-236-01"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/100470"
},
{
"trust": 0.9,
"url": "http://www.westermo.com/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5816"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5816"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "VULHUB",
"id": "VHN-94635"
},
{
"db": "BID",
"id": "100470"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"db": "VULHUB",
"id": "VHN-94635"
},
{
"db": "BID",
"id": "100470"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-19T00:00:00",
"db": "IVD",
"id": "3100f3c9-ab5e-47f9-82fc-013b68b6c3c8"
},
{
"date": "2017-10-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"date": "2017-08-25T00:00:00",
"db": "VULHUB",
"id": "VHN-94635"
},
{
"date": "2017-08-24T00:00:00",
"db": "BID",
"id": "100470"
},
{
"date": "2017-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"date": "2017-08-25T16:29:00.190000",
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"date": "2017-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-30639"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23002"
},
{
"date": "2017-08-30T00:00:00",
"db": "VULHUB",
"id": "VHN-94635"
},
{
"date": "2019-04-15T18:00:00",
"db": "BID",
"id": "100470"
},
{
"date": "2017-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008790"
},
{
"date": "2017-08-30T16:58:29.660000",
"db": "NVD",
"id": "CVE-2016-5816"
},
{
"date": "2019-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Westermo Vulnerabilities related to the use of hard-coded credentials in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008790"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1142"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…