VAR-201708-1389
Vulnerability from variot - Updated: 2023-12-18 12:37An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may allow for unauthorized communications to downstream devices. An attacker could exploit the vulnerability to communicate with downstream devices. Attackers can exploit this issue to gain unauthorized access to the affected device. This may aid in further attacks. The following versions are vulnerable: SEL-3620 R202, R203, R203-V1, R203-V2, R204, and R204-V1 SEL-3622 R202, R203, R203-V1, R203-V2, R204, and R204-V1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1389",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r202"
},
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r203-v"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r204-v1"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r204"
},
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r203-v1"
},
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r204"
},
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r204-v1"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r203"
},
{
"model": "sel-3620",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r203"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.6,
"vendor": "selinc",
"version": "r202"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.0,
"vendor": "selinc",
"version": "r203-v"
},
{
"model": "sel-3622",
"scope": "eq",
"trust": 1.0,
"vendor": "selinc",
"version": "r203-v1"
},
{
"model": "engineering laboratories sel-3620 r202",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3620 r203",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3620 r203-v1",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3620 r203-v2",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3620 r204",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3620 r204-v1",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r202",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r203",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r203-v1",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r203-v2",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r204",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "engineering laboratories sel-3622 r204-v1",
"scope": null,
"trust": 0.9,
"vendor": "schweitzer",
"version": null
},
{
"model": "sel-3620",
"scope": null,
"trust": 0.8,
"vendor": "schweitzer engineering laboratories",
"version": null
},
{
"model": "sel-3622",
"scope": null,
"trust": 0.8,
"vendor": "schweitzer engineering laboratories",
"version": null
},
{
"model": "r202",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r203",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r203-v",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r203-v1",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r204",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r204-v1",
"scope": null,
"trust": 0.2,
"vendor": "sel 3620",
"version": null
},
{
"model": "r202",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
},
{
"model": "r203",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
},
{
"model": "r203-v",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
},
{
"model": "r203-v1",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
},
{
"model": "r204",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
},
{
"model": "r204-v1",
"scope": null,
"trust": 0.2,
"vendor": "sel 3622",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "BID",
"id": "99536"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r203:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r203-v:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r204-v1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r202:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r203-v1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3620_firmware:r204:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:selinc:sel-3620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r203-v1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r204:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r202:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r203:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r203-v:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:selinc:sel-3622_firmware:r204-v1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:selinc:sel-3622:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7928"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jason Holcomb",
"sources": [
{
"db": "BID",
"id": "99536"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7928",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7928",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-22833",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-116131",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 10.0,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7928",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7928",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-22833",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-932",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-116131",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-7928",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may allow for unauthorized communications to downstream devices. An attacker could exploit the vulnerability to communicate with downstream devices. \nAttackers can exploit this issue to gain unauthorized access to the affected device. This may aid in further attacks. \nThe following versions are vulnerable:\nSEL-3620 R202, R203, R203-V1, R203-V2, R204, and R204-V1\nSEL-3622 R202, R203, R203-V1, R203-V2, R204, and R204-V1",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "BID",
"id": "99536"
},
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "VULMON",
"id": "CVE-2017-7928"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7928",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-192-06",
"trust": 3.5
},
{
"db": "BID",
"id": "99536",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-22833",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168",
"trust": 0.8
},
{
"db": "IVD",
"id": "E5C3576C-4D56-4689-AF8A-7DC7F07200B5",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116131",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7928",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"db": "BID",
"id": "99536"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"id": "VAR-201708-1389",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "VULHUB",
"id": "VHN-116131"
}
],
"trust": 1.65
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
}
]
},
"last_update_date": "2023-12-18T12:37:14.481000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEL-3620",
"trust": 0.8,
"url": "https://selinc.com/products/3620/"
},
{
"title": "SEL-3622",
"trust": 0.8,
"url": "https://selinc.com/products/3622/"
},
{
"title": "Schweitzer Engineering Laboratories SEL-3620 and SEL-3622 Security Gateway are not authorized to access vulnerable patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/100855"
},
{
"title": "Schweitzer Engineering Laboratories SEL-3620 and SEL-3622 Security Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=99747"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-192-06"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/99536"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7928"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7928"
},
{
"trust": 0.3,
"url": "https://selinc.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"db": "BID",
"id": "99536"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"db": "VULHUB",
"id": "VHN-116131"
},
{
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"db": "BID",
"id": "99536"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "IVD",
"id": "e5c3576c-4d56-4689-af8a-7dc7f07200b5"
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-116131"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99536"
},
{
"date": "2017-09-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"date": "2017-08-07T08:29:00.290000",
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22833"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116131"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7928"
},
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99536"
},
{
"date": "2017-09-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007168"
},
{
"date": "2019-10-09T23:29:59.627000",
"db": "NVD",
"id": "CVE-2017-7928"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schweitzer Engineering Laboratories SEL-3620 and SEL-3622 Security Gateway Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007168"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-932"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…