CVE-2017-5136

{"id": "CVE-2017-5136", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-02-05T18:59:00.197", "references": [{"url": "http://www.securityfocus.com/bid/96031", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/", "tags": ["Third Party Advisory", "URL Repurposed"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/96031", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/", "tags": ["Third Party Advisory", "URL Repurposed"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en dispositivos SendQuick Entera y Avera en versiones anteriores a 2HF16. La aplicaci\u00f3n no pudo comprobar el control de acceso de la solicitud por lo que podr\u00eda resultar en que un atacante fuese capaz de apagar el sistema."}], "lastModified": "2025-04-20T01:37:25.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sendquick:entera_sms_gateway_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9649AFA2-5306-4888-8335-DDBCCDABA57B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sendquick:entera_sms_gateway:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7501D6BC-A349-40DB-98DF-0047FEA3F82A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sendquick:avera_sms_gateway_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7EF5B6E4-D97A-4B9B-8219-76357BE2BF51"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sendquick:avera_sms_gateway:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9176344-BE46-48F4-A5C4-109184E37D0B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}