A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An attacker may create an application user account to gain administrative privileges.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100563 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04 | Mitigation Third Party Advisory US Government Resource VDB Entry |
http://www.securityfocus.com/bid/100563 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04 | Mitigation Third Party Advisory US Government Resource VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 03:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/100563 - Third Party Advisory, VDB Entry | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04 - Mitigation, Third Party Advisory, US Government Resource, VDB Entry |
Information
Published : 2017-09-09 01:29
Updated : 2024-11-21 03:10
NVD link : CVE-2017-12733
Mitre link : CVE-2017-12733
CVE.ORG link : CVE-2017-12733
JSON object : View
Products Affected
opwglobal
- sitesentinel_integra_500_firmware
- sitesentinel_isite_atg
- sitesentinel_integra_500
- sitesentinel_integra_100
- sitesentinel_integra_100_firmware
- sitesentinel_isite_atg_firmware
CWE
CWE-306
Missing Authentication for Critical Function