VAR-201708-1417
Vulnerability from variot - Updated: 2023-12-18 12:44A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all versions, ProTouch ICON, all versions, and ProTouch AutoGloss, all versions. The username and password are transmitted insecurely. plural PDQ Manufacturing The product contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PDQ Manufacturing LaserWash G5 and others are all automotive automatic cleaning equipment from PDQ Manufacturing. There are security vulnerabilities in several PDQ products due to the failure of the program to pass the username and password in a secure manner. An attacker can use this vulnerability to gain access to the system and issue commands that affect the normal operation of the system. An authentication bypass vulnerability 2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1417",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "laserwash autoxpress",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash 360 plus",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "protouch autogloss",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "protouch icon",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash m5",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash g5 s",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserjet",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash autoxpress plus",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash 360",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "protouch tandem",
"scope": "eq",
"trust": 1.6,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserwash g5",
"scope": "eq",
"trust": 1.0,
"vendor": "pdqinc",
"version": null
},
{
"model": "laserjet",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash 360 plus",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash 360",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash autoexpress plus",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash autoxpress",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash g5 s series",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash g5",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "laserwash m5",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "protouch autogloss",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "protouch icon",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "protouch tandem",
"scope": "eq",
"trust": 0.8,
"vendor": "pdq manufacturing",
"version": null
},
{
"model": "manufacturing laserwash g5",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing laserwash g5 s",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing laserwash m5",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing laserwash",
"scope": "eq",
"trust": 0.6,
"vendor": "pdq",
"version": "360"
},
{
"model": "manufacturing laserwash plus",
"scope": "eq",
"trust": 0.6,
"vendor": "pdq",
"version": "360"
},
{
"model": "manufacturing laserwash autoxpress",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing laserwash autoexpress plus",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing laserjet",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing protouch tandem",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing protouch icon",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing protouch autogloss",
"scope": null,
"trust": 0.6,
"vendor": "pdq",
"version": null
},
{
"model": "manufacturing inc protouch tandem",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc protouch icon",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc protouch autogloss",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash m5",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash g5 s",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash g5",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash autoxpress",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash autoexpress plus",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": "manufacturing inc laserwash plus",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "3600"
},
{
"model": "manufacturing inc laserwash",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "3600"
},
{
"model": "manufacturing inc laserjet",
"scope": "eq",
"trust": 0.3,
"vendor": "pdq",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash g5",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "protouch icon",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "protouch autogloss",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash g5 s",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash m5",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash 360",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash 360 plus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash autoxpress",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserwash autoxpress plus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laserjet",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "protouch tandem",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "BID",
"id": "100133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_g5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_g5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_g5_s_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_g5_s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_m5_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_m5:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_360_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_360:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_360_plus_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_360_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_autoxpress_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_autoxpress:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserwash_autoxpress_plus_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserwash_autoxpress_plus:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:laserjet_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:laserjet:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:protouch_tandem_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:protouch_tandem:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:protouch_icon_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:protouch_icon:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:pdqinc:protouch_autogloss_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:pdqinc:protouch_autogloss:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios and Jonathan Butts of WhiteScope and independent security researcher Terry McCorkle.",
"sources": [
{
"db": "BID",
"id": "100133"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-9632",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-23005",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-117835",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9632",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9632",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2017-23005",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-154",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-117835",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "VULHUB",
"id": "VHN-117835"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Missing Encryption of Sensitive Data issue was discovered in PDQ Manufacturing LaserWash G5 and G5 S Series all versions, LaserWash M5, all versions, LaserWash 360 and 360 Plus, all versions, LaserWash AutoXpress and AutoExpress Plus, all versions, LaserJet, all versions, ProTouch Tandem, all versions, ProTouch ICON, all versions, and ProTouch AutoGloss, all versions. The username and password are transmitted insecurely. plural PDQ Manufacturing The product contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PDQ Manufacturing LaserWash G5 and others are all automotive automatic cleaning equipment from PDQ Manufacturing. There are security vulnerabilities in several PDQ products due to the failure of the program to pass the username and password in a secure manner. An attacker can use this vulnerability to gain access to the system and issue commands that affect the normal operation of the system. An authentication bypass vulnerability\n2",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "BID",
"id": "100133"
},
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "VULHUB",
"id": "VHN-117835"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9632",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-208-03",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23005",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167",
"trust": 0.8
},
{
"db": "BID",
"id": "100133",
"trust": 0.3
},
{
"db": "IVD",
"id": "2CCB15EA-1CC2-462E-ABC8-C9DBD66EA3D3",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-117835",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "VULHUB",
"id": "VHN-117835"
},
{
"db": "BID",
"id": "100133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"id": "VAR-201708-1417",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "VULHUB",
"id": "VHN-117835"
}
],
"trust": 1.73333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
}
]
},
"last_update_date": "2023-12-18T12:44:27.819000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.pdqinc.com/"
},
{
"title": "Patch for multiple PDQ product rights acquisition vulnerabilities (CNVD-2017-23005)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/100890"
},
{
"title": "Multiple PDQ Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=72389"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-311",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117835"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-208-03"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9632"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9632"
},
{
"trust": 0.3,
"url": "http://www.pdqinc.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "VULHUB",
"id": "VHN-117835"
},
{
"db": "BID",
"id": "100133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"db": "VULHUB",
"id": "VHN-117835"
},
{
"db": "BID",
"id": "100133"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "IVD",
"id": "2ccb15ea-1cc2-462e-abc8-c9dbd66ea3d3"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-117835"
},
{
"date": "2017-07-27T00:00:00",
"db": "BID",
"id": "100133"
},
{
"date": "2017-09-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"date": "2017-08-07T08:29:00.400000",
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"date": "2017-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23005"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-117835"
},
{
"date": "2017-07-27T00:00:00",
"db": "BID",
"id": "100133"
},
{
"date": "2017-09-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007167"
},
{
"date": "2019-10-09T23:30:44.097000",
"db": "NVD",
"id": "CVE-2017-9632"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural PDQ Manufacturing Cryptographic vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007167"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-154"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…