var-202303-1297
Vulnerability from variot
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issue results from the exposure of a dangerous function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-1297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "igss data server",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "igss dashboard",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "custom reports",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "16.0.0.23040"
},
{
"model": "igss dashboard",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "custom reports",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "igss data server",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "igss",
"scope": null,
"trust": 0.7,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric igss data server",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
},
{
"model": "electric igss dashboard",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
},
{
"model": "electric custom reports",
"scope": "lte",
"trust": 0.6,
"vendor": "schneider",
"version": "\u003c=v16.0.0.23040"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:custom_reports:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:igss_dashboard:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:igss_data_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "16.0.0.23040",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kimiya",
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
}
],
"trust": 0.7
},
"cve": "CVE-2023-27980",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2023-29375",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-27980",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2023-27980",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-27980",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cybersecurity@se.com",
"id": "CVE-2023-27980",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2023-27980",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2023-29375",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-1556",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow the creation of a malicious report file in the IGSS project report directory, this could lead to remote code execution when a victim eventually opens the report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior). Schneider Electric of custom reports , IGSS Dashboard (DashBoard.exe) , igss data server There is a vulnerability in the lack of authentication for critical features.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the IGSSdataServer process, which listens on TCP port 12401 by default. The issue results from the exposure of a dangerous function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current user. Schneider Electric IGSS Data Server is a data server of an interactive graphic Scada system of French Schneider Electric (Schneider Electric)",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27980",
"trust": 4.5
},
{
"db": "SCHNEIDER",
"id": "SEVD-2023-073-04",
"trust": 3.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-082-04",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94559502",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-19533",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-23-339",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2023-29375",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.1792",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"id": "VAR-202303-1297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-29375"
}
]
},
"last_update_date": "2023-12-18T11:54:51.763000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Schneider Electric has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-073-04.pdf"
},
{
"title": "Patch for Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-29375)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/419156"
},
{
"title": "Schneider Electric IGSS Data Server Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=230404"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://download.schneider-electric.com/files?p_doc_ref=sevd-2023-073-04\u0026p_endoctype=security+and+safety+notice\u0026p_file_name=sevd-2023-073-04.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94559502/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27980"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27980/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1792"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-16T00:00:00",
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"date": "2023-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"date": "2023-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"date": "2023-03-21T06:15:13.063000",
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"date": "2023-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-16T00:00:00",
"db": "ZDI",
"id": "ZDI-23-339"
},
{
"date": "2023-04-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-29375"
},
{
"date": "2023-11-09T06:46:00",
"db": "JVNDB",
"id": "JVNDB-2023-005721"
},
{
"date": "2023-03-24T19:15:23.867000",
"db": "NVD",
"id": "CVE-2023-27980"
},
{
"date": "2023-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Schneider\u00a0Electric\u00a0 Vulnerability related to lack of authentication for critical functions in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005721"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-1556"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.