CVE-2021-41298

ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities.

CVSS v3 8.8 HIGH
CVSS v2.0 6.5 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-5134-39f74-1.html	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ecoa:ecs_router_controller-ecs:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:ecoa:riskbuster_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:ecoa:riskterminator:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-09-30 11:15

Updated : 2021-10-07 16:25

NVD link : CVE-2021-41298

Mitre link : CVE-2021-41298

CVE.ORG link : CVE-2021-41298

JSON object : View

Products Affected

ecoa

ecs_router_controller-ecs
riskterminator
ecs_router_controller-ecs_firmware
riskbuster
riskbuster_firmware

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

CWE-284

Improper Access Control

{"id": "CVE-2021-41298", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "twcert@cert.org.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2021-09-30T11:15:07.813", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-5134-39f74-1.html", "tags": ["Third Party Advisory"], "source": "twcert@cert.org.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-639"}]}, {"type": "Secondary", "source": "twcert@cert.org.tw", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities."}, {"lang": "es", "value": "El controlador ECOA BAS es vulnerable a las referencias directas a objetos no seguro que se producen cuando la aplicaci\u00f3n proporciona acceso directo a objetos basados en la entrada suministrada por el usuario. Como resultado de esta vulnerabilidad, unos atacantes con privilegio de usuario general pueden omitir la autorizaci\u00f3n de forma remota y acceder a los recursos ocultos del sistema y ejecutar funcionalidades privilegiadas"}], "lastModified": "2021-10-07T16:25:15.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E80292D1-E3AD-42B6-A63E-3546010B97A3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ecoa:ecs_router_controller-ecs:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "541B6C82-F00E-4BFC-9947-A55B2F4EDD06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ecoa:riskbuster_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19A28430-AB2B-423F-82D4-FC0E3A6DF335"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58A6F2A4-A7DA-4A88-B572-917FFC80ADC1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ecoa:riskterminator:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "841DF575-8E63-4AB4-A6F9-77C28FC65BCE"}], "operator": "OR"}]}], "sourceIdentifier": "twcert@cert.org.tw"}