CVE-2017-7649 Information

Description

The network enabled distribution of Kura before 2.1.0 takes control over the device’s firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open allowing to log into Kura without any user credentials over unencrypted telnet and executing commands using the Equinox \exec\ command. As the process is running as \root\ full control over the device can be acquired. IPv6 is also left in auto-configuration mode accepting router advertisements automatically and assigns a MAC address based IPv6 address.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://bugs.eclipse.org/bugs/show_bug.cgi?id=514681 https://github.com/eclipse/kura/issues/956

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8