Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Telerik Web UI contains cryptographic weakness
Informations
Name VU#838200 First vendor Publication 2017-07-25
Vendor VU-CERT Last vendor Modification 2017-07-25
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#838200

Telerik Web UI contains cryptographic weakness

Original Release date: 25 Jul 2017 | Last revised: 25 Jul 2017

Overview

The Telerik Web UI, versions R2 2017 (2017.2.503) and prior, is vulnerable to a cryptographic weakness which an attacker can exploit to extract encryption keys.

Description

CWE-326: Inadequate Encryption Strength - CVE-2017-9248

The Telerik.Web.UI.dll is vulnerable to a cryptographic weakness which allows the attacker to extract the Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey.
Versions R2 2017 (2017.2.503) and prior are vulnerable.

Impact

A remote, unauthenticated attacker could perform arbitrary file upload and downloads, cross-site scripting attacks, leak the MachineKey, or compromise the ASP.NET ViewState.
Software vendors who use Telerik web components may also be impacted.

Solution

Apply an update
Please see the Telerik's support article for update information for specific versions.

The support article also provides information to those who are unable to update their software.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
DotNetNukeAffected-18 Jul 2017
TelerikAffected-19 Jul 2017
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base7.5AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal7.5E:ND/RL:ND/RC:ND
Environmental5.6CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

  • http://www.telerik.com/blogs/security-alert-for-telerik-ui-for-asp.net-ajax-and-progress-sitefinity
  • http://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness
  • http://www.dnnsoftware.com/community-blog/cid/155436/critical-security-update--june-2017
  • http://www.dnnsoftware.com/community/security/security-center

Credit

Telerik thanks to Erlend Leiknes, security consultant in Mnemonic AS, and Thanh Van Tien Nguyen for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

  • CVE IDs:CVE-2017-9248
  • Date Public:26 Jun 2017
  • Date First Published:25 Jul 2017
  • Date Last Updated:25 Jul 2017
  • Document Revision:11

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/838200

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-522 Insufficiently Protected Credentials (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

Snort® IPS/IDS

Date Description
2019-10-08 Telerik UI cryptographic keys disclosure attempt
RuleID : 51418 - Revision : 2 - Type : SERVER-WEBAPP
2019-10-08 Telerik UI cryptographic keys disclosure attempt
RuleID : 51417 - Revision : 2 - Type : POLICY-OTHER

Nessus® Vulnerability Scanner

Date Description
2017-06-30 Name : A web application development suite installed on the Windows remote host is a...
File : telerik_ui_for_aspnet_ajax_CVE-2017-9248.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2017-07-25 17:20:39
  • First insertion