製品・ソフトウェアに関する情報

JVN脆弱性詳細

Tollgrade LightHouse Sensor Management System における認証を回避される脆弱性

Title	Tollgrade LightHouse Sensor Management System における認証を回避される脆弱性
Summary	Tollgrade LightHouse Sensor Management System には、認証を回避され、ソフトウェアを再起動される脆弱性が存在します。
Possible impacts	第三者により、認証を回避され、ソフトウェアを再起動される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 12, 2016, midnight
Registration Date	July 21, 2016, 6:15 p.m.
Last Update	July 21, 2016, 6:15 p.m.

Affected System

Tollgrade Communications, Inc.

LightHouse Sensor Management System 5.1 patch 3 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-5790	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5790
National Vulnerability Database (NVD)
2	CVE-2016-5790	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5790

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Tollgrade
1	Sensor Management System (SMS)	http://www.tollgrade.com/smartgrid/smart-grid-products/predictivegrid-analytics-software/

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-16-194-01	https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01

Change Log

No	Changed Details	Date of change
0	[2016年07月21日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2016-5790

Summary	Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors.
Publication Date	July 16, 2016, 1:59 a.m.
Registration Date	Jan. 26, 2021, 2:14 p.m.
Last Update	Nov. 21, 2024, 11:55 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:enghousenetworks:lighthouse_sms::::::::			5.1

Related information, measures and tools

No	URL	タグ
1	http://www.securityfocus.com/bid/91728	Third Party Advisory VDB Entry
2	http://www.securityfocus.com/bid/91728	Third Party Advisory VDB Entry
3	https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01	Third Party Advisory US Government Resource
4	https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01	Third Party Advisory US Government Resource

Common Vulnerabilities List