Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIcscertCVELIST:CVE-2017-5169
HistoryFeb 13, 2017 - 9:00 p.m.

CVE-2017-5169

2017-02-1321:00:00
icscert
www.cve.org

8.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%

JSON

An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior are affected by these vulnerabilities. These vulnerabilities can allow for remote code execution.

CNA Affected

[
  {
    "product": "Hanwha Techwin Smart Security Manager 1.5 and prior",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Hanwha Techwin Smart Security Manager 1.5 and prior"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
ics 1
prion
prion
Cross site request forgery (csrf)
2017-02-13 21:59:00
nvd
nvd
CVE-2017-5169
2017-02-13 21:59:03
cve
cve
CVE-2017-5169
2017-02-13 21:59:03
ics
ics
Hanwha Techwin Smart Security Manager
2017-02-09 12:00:00

8.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.1%

JSON
Related for CVELIST:CVE-2017-5169
prion1nvd1cve1ics1