Vulnerability Description
A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An attacker may create an application user account to gain administrative privileges.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opwglobal | Sitesentinel Isite Atg Firmware | <= 175 |
| Opwglobal | Sitesentinel Isite Atg | - |
| Opwglobal | Sitesentinel Integra 500 Firmware | <= 175 |
| Opwglobal | Sitesentinel Integra 500 | - |
| Opwglobal | Sitesentinel Integra 100 Firmware | <= 175 |
| Opwglobal | Sitesentinel Integra 100 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100563Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/100563Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-12733?
CVE-2017-12733 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the foll...
How severe is CVE-2017-12733?
CVE-2017-12733 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-12733?
Check the references section above for vendor advisories and patch information. Affected products include: Opwglobal Sitesentinel Isite Atg Firmware, Opwglobal Sitesentinel Isite Atg, Opwglobal Sitesentinel Integra 500 Firmware, Opwglobal Sitesentinel Integra 500, Opwglobal Sitesentinel Integra 100 Firmware.