CVE-2017-9491

{"id": "CVE-2017-9491", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-07-31T03:29:00.707", "references": [{"url": "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-35.improper-cookie-flags.txt", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session."}, {"lang": "es", "value": "El firmware Comcast en los dispositivos Cisco DPC3939 (versi\u00f3n de firmware dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (versi\u00f3n de firmware dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (versi\u00f3n de firmware dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (versi\u00f3n de firmware DPC3941_2.5s3_PROD_sey); y Arris TG1682G (eMTA & DOCSIS versi\u00f3n 10.0.132.SIP.PC20.CT, versi\u00f3n de software TG1682_2.2p7s2_PROD_sey), no establecen la flag secure para las cookies en una sesi\u00f3n https para una aplicaci\u00f3n de administraci\u00f3n, lo que hace m\u00e1s f\u00e1cil para atacantes remotos capturar cookies interceptando su transmisi\u00f3n dentro de una sesi\u00f3n http."}], "lastModified": "2021-09-13T11:30:59.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:dpc3939_firmware:dpc3939-p20-18-v303r20421733-160420a-cmcst:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A1B99C-3219-4AED-85CE-18B979634B08"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:dpc3939:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4E96E97-FA9D-446C-A5D7-1B4C2DD939D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:dpc3939_firmware:dpc3939-p20-18-v303r20421746-170221a-cmcst:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C881B07A-9652-465E-A804-1B5ED959E1C4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:dpc3939:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4E96E97-FA9D-446C-A5D7-1B4C2DD939D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:dpc3939b_firmware:dpc3939b-v303r204217-150321a-cmcst:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66771E5F-70F1-409D-92EE-D30BF402F8FA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:dpc3939b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "600BCE42-4D69-42EB-AB79-2893A0D4D5C3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:dpc3941t_firmware:dpc3941_2.5s3_prod_sey:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42C5B524-7AF3-4171-8D5F-8AE80C7EA925"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:dpc3941t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "053BE8F7-5FFA-4021-B18C-651F0546A04B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:commscope:arris_tg1682g_firmware:10.0.132.sip.pc20.ct:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A2CACD9-23A9-4E24-A1C5-A09B99874EA9"}, {"criteria": "cpe:2.3:o:commscope:arris_tg1682g_firmware:tg1682_2.2p7s2_prod_sey:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E70716B6-6002-457E-8414-297402EDCC74"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:commscope:arris_tg1682g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D2AFAD9-07CD-4960-801F-A602CB31BD61"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}