CVE-2017-7237 Information

Description

The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt

https://community.spiceworks.com/support/inventory/docs/network-configsecurity

https://www.exploit-db.com/exploits/41825/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

9.8

Base Severity

CRITICAL