CVE-2017-5178 : An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence V

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials after installation, and changing the default credentials in the embedded Tableau Server is not documented. If Tableau Server is used with Windows integrated security (Active Directory), the software is not vulnerable. However, when Tableau Server is used with local authentication mode, the software is vulnerable. The default system account could be used to gain unauthorized access.

Published 2017-03-08 08:59:00

Updated 2021-06-04 14:19:36

Source ICS-CERT

View at NVD, CVE.org

Vulnerability category: Bypass

Exploit prediction scoring system (EPSS) score for CVE-2017-5178

Probability of exploitation activity in the next 30 days: 0.21%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2017-5178

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-5178

CWE-1188 Initialization of a Resource with an Insecure Default

The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-5178

http://www.securityfocus.com/bid/96721

Schneider Electric Wonderware Intelligence Default Credentials Security Bypass Vulnerability
Third Party Advisory;VDB Entry
http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000119/

Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-066-01

Schneider Electric Wonderware Intelligence | CISA
Third Party Advisory;US Government Resource

Products affected by CVE-2017-5178

Schneider-electric » Tableau Server » Version: 7.0
cpe:2.3:a:schneider-electric:tableau_server:7.0:*:*:*:*:*:*:*
Matching versions
Schneider-electric » Tableau Server » Version: 10.1.3
cpe:2.3:a:schneider-electric:tableau_server:10.1.3:*:*:*:*:*:*:*
Matching versions
Schneider-electric » Tableau Desktop » Version: 10.1.3
cpe:2.3:a:schneider-electric:tableau_desktop:10.1.3:*:*:*:*:*:*:*
Matching versions
Schneider-electric » Tableau Desktop » Version: 7.0
cpe:2.3:a:schneider-electric:tableau_desktop:7.0:*:*:*:*:*:*:*
Matching versions
Schneider-electric » Wonderware Intelligence » Update R3
Versions up to, including, (<=) 2014
cpe:2.3:a:schneider-electric:wonderware_intelligence:*:r3:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2017-5178

Exploit prediction scoring system (EPSS) score for CVE-2017-5178

CVSS scores for CVE-2017-5178

CWE ids for CVE-2017-5178

References for CVE-2017-5178

Products affected by CVE-2017-5178