CVE-2017-12822 CRITICAL

Published: 2017-10-04 | Last Modified: 2026-06-17 | Status: Modified

Description

Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.

Additional Descriptions (1)

La habilitación y deshabilitación remota de la interfaz de administración en los productos HASP SRM, Sentinel HASP y Sentinel LDK de Gemalto anteriores a la versión 7.55 de Sentinel LDK RTE podría permitir que se originen nuevos vectores de ataque.

CVSS Metrics

Base Score: 7.5 (HIGH)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	PARTIAL
Integrity Impact	PARTIAL
Availability Impact	PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 6.4

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-306

Affected Products

Vendor	Product	Version	Update	Type
sentinel	sentinel_ldk_rte_firmware	*	<built-in method update of dict object at 0x72a9b0e0ee00>	Operating System

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:sentinel:sentinel_ldk_rte_firmware::::::::`

References

http://www.securityfocus.com/bid/102906
Source: [email protected]
https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
Source: [email protected]
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-008-sentinel-ldk-rte-remote-enabling-and-disabling-admin-interface/
Source: [email protected]

Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
Source: [email protected]
http://www.securityfocus.com/bid/102906
Source: af854a3a-2127-422b-91ae-364da2661108
https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-008-sentinel-ldk-rte-remote-enabling-and-disabling-admin-interface/
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
Source: af854a3a-2127-422b-91ae-364da2661108