CVE-2016-9155

The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025, CCMS2025, CVMS2025-IR, CFMW1025, CCMW1025 prior to version v2635_SP1 could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances.

CVSS v3.0 9.8 CRITICAL
CVSS v2.0 5.0 MEDIUM

9.8^/10

CVSS v3.0 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284765.pdf	Patch Vendor Advisory
http://www.securityfocus.com/bid/94392	Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-16-322-01	Mitigation Third Party Advisory US Government Resource VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:siemens:ccmw1025_firmware:-:::::::*
	cpe:2.3:o:siemens:cvms2025-ir_firmware:-:::::::*
	cpe:2.3:o:siemens:ccid1445-dn36_firmware:-:::::::*
	cpe:2.3:o:siemens:ccid1445-dn18_firmware:-:::::::*
	cpe:2.3:o:siemens:ccms2025_firmware:-:::::::*
	cpe:2.3:o:siemens:cfms2025_firmware:-:::::::*
	cpe:2.3:o:siemens:ccis1425_firmware:-:::::::*
	cpe:2.3:o:siemens:cfis1425_firmware:-:::::::*
	cpe:2.3:o:siemens:ccpw3025_firmware:-:::::::*
	cpe:2.3:o:siemens:cfmw3025_firmware:-:::::::*
	cpe:2.3:o:siemens:cvmw3025-ir_firmware:-:::::::*
	cpe:2.3:o:siemens:ccid1445-dn28_firmware:-:::::::*
	cpe:2.3:o:siemens:ccmw3025_firmware:-:::::::*
	cpe:2.3:o:siemens:ccmd3025-dn18_firmware:-:::::::*
	cpe:2.3:o:siemens:cfmw1025_firmware:-:::::::*

OR	cpe:2.3:h:siemens:ccmw1025:-:::::::*
	cpe:2.3:h:siemens:cvms2025-ir:-:::::::*
	cpe:2.3:h:siemens:ccid1445-dn18:-:::::::*
	cpe:2.3:h:siemens:ccpw3025:-:::::::*
	cpe:2.3:h:siemens:cfms2025:-:::::::*
	cpe:2.3:h:siemens:ccis1425:-:::::::*
	cpe:2.3:h:siemens:cfis1425:-:::::::*
	cpe:2.3:h:siemens:ccid1445-dn36:-:::::::*
	cpe:2.3:h:siemens:cfmw3025:-:::::::*
	cpe:2.3:h:siemens:cvmw3025-ir:-:::::::*
	cpe:2.3:h:siemens:ccmw3025:-:::::::*
	cpe:2.3:h:siemens:ccmd3025-dn18:-:::::::*
	cpe:2.3:h:siemens:ccid1445-dn28:-:::::::*
	cpe:2.3:h:siemens:ccms2025:-:::::::*
	cpe:2.3:h:siemens:cfmw1025:-:::::::*

Information

Published : 2016-11-22 03:59

Updated : 2016-12-22 20:14

NVD link : CVE-2016-9155

Mitre link : CVE-2016-9155

JSON object : View

CWE

CWE-284

Improper Access Control

Products Affected

siemens

cvmw3025-ir_firmware
ccid1445-dn28_firmware
ccis1425
ccmd3025-dn18_firmware
ccid1445-dn28
ccms2025_firmware
ccms2025
cvms2025-ir
cvmw3025-ir
cfms2025_firmware
cfmw3025_firmware
cfis1425
ccmw3025
ccmw1025_firmware
cfmw1025_firmware
ccid1445-dn18
cfms2025
ccmd3025-dn18
cfmw3025
ccid1445-dn36
ccis1425_firmware
ccpw3025_firmware
cfmw1025
ccid1445-dn36_firmware
ccmw1025
cvms2025-ir_firmware
ccpw3025
cfis1425_firmware
ccid1445-dn18_firmware
ccmw3025_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284765.pdf", "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284765.pdf", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/94392", "name": "94392", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-322-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-322-01", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource", "VDB Entry"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025, CCMS2025, CVMS2025-IR, CFMW1025, CCMW1025 prior to version v2635_SP1 could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-284"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-9155", "ASSIGNER": "productcert@siemens.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2016-11-22T11:59Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:siemens:ccmw1025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cvms2025-ir_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccid1445-dn36_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccid1445-dn18_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccms2025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cfms2025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccis1425_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cfis1425_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccpw3025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cfmw3025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cvmw3025-ir_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccid1445-dn28_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccmw3025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:ccmd3025-dn18_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:siemens:cfmw1025_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:siemens:ccmw1025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cvms2025-ir:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccid1445-dn18:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccpw3025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cfms2025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccis1425:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cfis1425:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccid1445-dn36:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cfmw3025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cvmw3025-ir:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccmw3025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccmd3025-dn18:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccid1445-dn28:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:ccms2025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:siemens:cfmw1025:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-12-23T04:14Z"}

9.8 /10