Vulnerabilities > CVE-2017-12711 - Unspecified vulnerability in Advantech Webaccess

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

advantech

NVD

Published: 2017-08-30

Updated: 2019-10-09

Summary

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges.

Vulnerable Configurations

Part	Description	Count
Application	Advantech Advantech Webaccess 6.0 Advantech Webaccess 6.0-2007.06.05 Advantech Webaccess 6.0-2007.06.12 Advantech Webaccess 6.0-2007.06.18 Advantech Webaccess 6.0-2007.06.25 Advantech Webaccess 6.0-2007.07.09 Advantech Webaccess 6.0-2007.07.12 Advantech Webaccess 6.0-2007.07.24 Advantech Webaccess 6.0-2007.07.27 Advantech Webaccess 6.0-2007.08.01 Advantech Webaccess 6.0-2007.08.09 Advantech Webaccess 6.0-2007.09.05 Advantech Webaccess 6.0-2007.09.06 Advantech Webaccess 6.0-2007.09.10 Advantech Webaccess 6.0-2007.09.16 Advantech Webaccess 6.0-2007.09.26 Advantech Webaccess 6.0-2007.10.05 Advantech Webaccess 6.0-2007.10.16 Advantech Webaccess 6.0-2007.10.18 Advantech Webaccess 6.0-2007.10.30 Advantech Webaccess 6.0-2007.11.05 Advantech Webaccess 6.0-2007.11.08 Advantech Webaccess 6.0-2007.11.12 Advantech Webaccess 6.0-2007.11.27 Advantech Webaccess 6.0-2007.11.29 Advantech Webaccess 6.0-2007.12.06 Advantech Webaccess 6.0-2007.12.10 Advantech Webaccess 6.0-2008.01.14 Advantech Webaccess 6.0-2008.01.17 Advantech Webaccess 6.0-2008.01.21 Advantech Webaccess 6.0-2008.02.14 Advantech Webaccess 6.0-2008.03.04 Advantech Webaccess 6.0-2008.03.05 Advantech Webaccess 6.0-2008.03.06 Advantech Webaccess 6.0-2008.04.08 Advantech Webaccess 6.0-2008.04.28 Advantech Webaccess 6.0-2008.04.29 Advantech Webaccess 6.0-2008.05.12 Advantech Webaccess 6.0-2008.05.14 Advantech Webaccess 6.0-2008.05.15 Advantech Webaccess 6.0-2008.05.21 Advantech Webaccess 6.0-2008.05.29 Advantech Webaccess 6.0-2008.06.03 Advantech Webaccess 6.0-2008.06.06 Advantech Webaccess 6.0-2008.06.23 Advantech Webaccess 6.0-2008.06.25 Advantech Webaccess 6.0-2008.07.01 Advantech Webaccess 6.0-2008.07.18 Advantech Webaccess 6.0-2008.07.29 Advantech Webaccess 6.0-2008.08.03 Advantech Webaccess 6.0-2008.08.26 Advantech Webaccess 6.0-2008.09.12 Advantech Webaccess 6.0-2008.09.23 Advantech Webaccess 6.0-2008.09.29 Advantech Webaccess 6.0-2008.09.30 Advantech Webaccess 6.0-2008.11.03 Advantech Webaccess 6.0-2008.11.06 Advantech Webaccess 6.0-2008.11.07 Advantech Webaccess 6.0-2008.11.12 Advantech Webaccess 6.0-2008.11.14 Advantech Webaccess 6.0-2008.12.30 Advantech Webaccess 6.0-2009.1.06 Advantech Webaccess 6.0-2009.1.14 Advantech Webaccess 6.0-2009.2.3 Advantech Webaccess 6.0-2009.2.10 Advantech Webaccess 6.0-2009.2.18 Advantech Webaccess 6.0-2009.3.10 Advantech Webaccess 6.0-2009.3.24 Advantech Webaccess 6.0-2009.3.29 Advantech Webaccess 6.0-2009.4.01 Advantech Webaccess 6.0-2009.04.02 Advantech Webaccess 6.0-2009.04.09 Advantech Webaccess 6.0-2009.04.12 Advantech Webaccess 6.0-2009.04.27 Advantech Webaccess 6.0-2009.05.14 Advantech Webaccess 6.0-2009.05.27 Advantech Webaccess 6.0-2009.06.03 Advantech Webaccess 6.0-2009.06.08 Advantech Webaccess 6.0-2009.06.09 Advantech Webaccess 7-2009.10.13 Advantech Webaccess 7.0 Advantech Webaccess 7.0-2009.06.29 Advantech Webaccess 7.0-2009.07.21 Advantech Webaccess 7.0-2009.08.03 Advantech Webaccess 7.0-2009.08.13 Advantech Webaccess 7.0-2009.08.14 Advantech Webaccess 7.0-2009.11.16 Advantech Webaccess 7.0-2010.02.24 Advantech Webaccess 7.0-2010.05.10 Advantech Webaccess 7.0-2010.06.08 Advantech Webaccess 7.0-2010.07.02 Advantech Webaccess 7.0-2010.07.16 Advantech Webaccess 7.0-2010.08.10 Advantech Webaccess 7.0-2010.08.17 Advantech Webaccess 7.0-2010.09.02 Advantech Webaccess 7.0-2010.09.30 Advantech Webaccess 7.0-2010.11.10 Advantech Webaccess 7.0-2011.01.11 Advantech Webaccess 7.0-2011.01.26 Advantech Webaccess 7.0-2011.05.23 Advantech Webaccess 7.0-2011.08.27 Advantech Webaccess 7.0-2011.12.20 Advantech Webaccess 7.0-2012.03.02 Advantech Webaccess 7.0-2012.03.08 Advantech Webaccess 7.0-2012.03.18 Advantech Webaccess 7.0-2012.03.29 Advantech Webaccess 7.0-2012.05.21 Advantech Webaccess 7.0-2012.06.02 Advantech Webaccess 7.0-2012.06.29 Advantech Webaccess 7.0-2012.09.12 Advantech Webaccess 7.0-2012.09.13 Advantech Webaccess 7.0-2012.10.31 Advantech Webaccess 7.0-2012.11.29 Advantech Webaccess 7.0-2012.12.05 Advantech Webaccess 7.0-2012.12.10 Advantech Webaccess 7.0-2013.01.02 Advantech Webaccess 7.0-2013.01.08 Advantech Webaccess 7.0-2013.01.17 Advantech Webaccess 7.0-2013.01.21 Advantech Webaccess 7.1 Advantech Webaccess 7.1-2013.04.01 Advantech Webaccess 7.2 Advantech Webaccess 7.2-2013.07.01 Advantech Webaccess 7.2-2013.07.26 Advantech Webaccess 7.2-2013.08.05 Advantech Webaccess 7.2-2013.08.18 Advantech Webaccess 7.2-2013.08.25 Advantech Webaccess 7.2-2013.09.12 Advantech Webaccess 7.2-2013.09.24 Advantech Webaccess 7.2-2013.09.27 Advantech Webaccess 7.2-2013.10.02 Advantech Webaccess 7.2-2013.10.17 Advantech Webaccess 7.2-2013.10.22 Advantech Webaccess 7.2-2013.10.24 Advantech Webaccess 7.2-2013.10.28 Advantech Webaccess 7.2-2013.10.30 Advantech Webaccess 7.2-2013.11.01 Advantech Webaccess 7.2-2013.11.14 Advantech Webaccess 7.2-2013.12.15 Advantech Webaccess 7.2-2014.01.10 Advantech Webaccess 7.2-2014.01.20 Advantech Webaccess 7.2-2014.01.24 Advantech Webaccess 7.2-2014.02.10 Advantech Webaccess 7.2_20140303 Advantech Webaccess 7.2_20140606 Advantech Webaccess 7.2_20140730 Advantech Webaccess 8.0 Advantech Webaccess 8.0-2014.10.31 Advantech Webaccess 8.0_20150412 Advantech Webaccess 8.0_20150816 Advantech Webaccess 8.1 Advantech Webaccess 8.1_20151230 Advantech Webaccess 8.1_20160519 Advantech Webaccess 8.2	154

Summary

Vulnerable Configurations

References