CVE-2015-3939

Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web server, as demonstrated by reading a TELNET credentials file.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:C/I:N/A:N

Exploitability : 8.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/74900
https://ics-cert.us-cert.gov/advisories/ICSA-15-148-01	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ids:nc854:-:::::::*
	cpe:2.3:a:ids:nc856:-:::::::*

cpe:2.3:h:ids:ids_rtu_850c:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-05-31 17:59

Updated : 2016-12-06 03:01

NVD link : CVE-2015-3939

Mitre link : CVE-2015-3939

CVE.ORG link : CVE-2015-3939

JSON object : View

Products Affected

ids

nc856
ids_rtu_850c
nc854

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2015-3939", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-31T17:59:07.077", "references": [{"url": "http://www.securityfocus.com/bid/74900", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-148-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web server, as demonstrated by reading a TELNET credentials file."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en los m\u00f3dulos NC854 y NC856 para los dispositivos IDS RTU 850C permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de vectores no especificados que involucran un servidor web interno, tal y como fue demostrado mediante la lectura de un fichero de las credenciales de TELNET."}], "lastModified": "2016-12-06T03:01:26.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ids:nc854:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0CBDFE1-4BE6-4FAE-9A62-831ABFBAD031"}, {"criteria": "cpe:2.3:a:ids:nc856:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35180322-3531-45AA-B04C-F866993FA871"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ids:ids_rtu_850c:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "950C4B9E-2906-4265-A6AD-8515B79810E2"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}