CVE-2021-35962 - OpenCVE

Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Secom	Personnel Attendance System Door Access Control

Configuration 1 [-]

OR	cpe:2.3:a:secom:door_access_control::::::::
	cpe:2.3:a:secom:personnel_attendance_system::::::::

References

Link	Resource
https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054	Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: twcert

Published: 2021-07-15T00:00:00

Updated: 2021-07-16T15:20:35

Reserved: 2021-06-30T00:00:00

Link: CVE-2021-35962

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-07-16T16:15:11.023

Modified: 2021-08-02T17:33:23.063

Link: CVE-2021-35962

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"platforms": ["Door Access Control"], "product": "Door Access Control and Personnel Attendance Management system", "vendor": "TAIWAN SECOM CO., LTD.,", "versions": [{"lessThanOrEqual": "3.3.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["Personnel Attendance system"], "product": "Door Access Control and Personnel Attendance Management system", "vendor": "TAIWAN SECOM CO., LTD.,", "versions": [{"lessThanOrEqual": "3.4.0.0.3.12_20210525", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2021-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-16T15:20:35", "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054"}], "solutions": [{"lang": "en", "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525"}], "source": {"advisory": "TVN-202107003", "discovery": "EXTERNAL"}, "title": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Path Traversal", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", "DATE_PUBLIC": "2021-07-15T11:19:00.000Z", "ID": "CVE-2021-35962", "STATE": "PUBLIC", "TITLE": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Path Traversal"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Door Access Control and Personnel Attendance Management system", "version": {"version_data": [{"platform": "Door Access Control", "version_affected": "<=", "version_value": "3.3.2"}, {"platform": "Personnel Attendance system", "version_affected": "<=", "version_value": "3.4.0.0.3.12_20210525"}]}}]}, "vendor_name": "TAIWAN SECOM CO., LTD.,"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html", "refsource": "MISC", "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html"}, {"name": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054", "refsource": "MISC", "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054"}]}, "solution": [{"lang": "en", "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525"}], "source": {"advisory": "TVN-202107003", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "assignerShortName": "twcert", "cveId": "CVE-2021-35962", "datePublished": "2021-07-15T00:00:00", "dateReserved": "2021-06-30T00:00:00", "dateUpdated": "2021-07-16T15:20:35", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:secom:door_access_control:*:*:*:*:*:*:*:*", "matchCriteriaId": "0364F401-A33B-4291-84E9-7F4A47343077", "versionEndIncluding": "3.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:secom:personnel_attendance_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "D70B460F-FDEF-47FC-A9D1-B2B37C376A80", "versionEndIncluding": "3.4.0.0.3.12_20210525", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission."}, {"lang": "es", "value": "Unos par\u00e1metros espec\u00edficos de la p\u00e1gina en el sistema Dr. ID Door Access Control and Personnel Attendance Management no filtran los caracteres especiales. Unos atacantes remotos pueden aplicar medios de Salto de Ruta para descargar archivos de credenciales del sistema sin permiso"}], "id": "CVE-2021-35962", "lastModified": "2021-08-02T17:33:23.063", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2021-07-16T16:15:11.023", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}