CVE-2017-6564 - OpenCVE

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Franklinfueling	Ts-550 Evo Ts-550 Evo Firmware

Configuration 1 [-]

AND

cpe:2.3:o:franklinfueling:ts-550_evo_firmware:2.3.0.7332:*:*:*:*:*:*:*

cpe:2.3:h:franklinfueling:ts-550_evo:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.u235.io/single-post/2017/05/01/Penetrating-Fuel-Management-Systems	Technical Description Third Party Advisory URL Repurposed
https://gist.github.com/Stick-U235/b187931f828e92866d09b9bdeb956ca2	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-05-01T19:00:00

Updated: 2017-05-01T18:57:01

Reserved: 2017-03-09T00:00:00

Link: CVE-2017-6564

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-05-01T19:59:00.160

Modified: 2024-02-14T01:17:43.863

Link: CVE-2017-6564

JSON object: View

Redhat Information

No data.

CWE

CWE-862

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-05-01T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.u235.io/single-post/2017/05/01/Penetrating-Fuel-Management-Systems"}, {"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/Stick-U235/b187931f828e92866d09b9bdeb956ca2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-6564", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.u235.io/single-post/2017/05/01/Penetrating-Fuel-Management-Systems", "refsource": "MISC", "url": "http://www.u235.io/single-post/2017/05/01/Penetrating-Fuel-Management-Systems"}, {"name": "https://gist.github.com/Stick-U235/b187931f828e92866d09b9bdeb956ca2", "refsource": "MISC", "url": "https://gist.github.com/Stick-U235/b187931f828e92866d09b9bdeb956ca2"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-6564", "datePublished": "2017-05-01T19:00:00", "dateReserved": "2017-03-09T00:00:00", "dateUpdated": "2017-05-01T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:franklinfueling:ts-550_evo_firmware:2.3.0.7332:*:*:*:*:*:*:*", "matchCriteriaId": "B60F50B7-8706-4CB1-A4AA-A08DE9D17742", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:franklinfueling:ts-550_evo:-:*:*:*:*:*:*:*", "matchCriteriaId": "42AF9F76-7481-4621-B002-510053E61A7B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the Guest user, which contains the lowest privileges, can post to the idSourceFileName parameter found within the /download directory. This ability allows for an attacker to download sensitive system files from the host machine such as databases which contain information that can aid in further attacks."}, {"lang": "es", "value": "En los dispositivos Franklin Fueling Systems TS-550 evo 2.3.0.7332, el usuario invitado, que posee los privilegios m\u00e1s bajos, puede publicar el par\u00e1metro idSourceFileName situado en el directorio /download. Esta capacidad permite a un atacante descargar archivos sensibles del sistema de la m\u00e1quina host, tales como bases de datos, que contienen informaci\u00f3n que podr\u00eda ser de ayuda para nuevos ataques."}], "id": "CVE-2017-6564", "lastModified": "2024-02-14T01:17:43.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-01T19:59:00.160", "references": [{"source": "cve@mitre.org", "tags": ["Technical Description", "Third Party Advisory", "URL Repurposed"], "url": "http://www.u235.io/single-post/2017/05/01/Penetrating-Fuel-Management-Systems"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://gist.github.com/Stick-U235/b187931f828e92866d09b9bdeb956ca2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}