Published:2017/08/01  Last Updated:2017/08/04

JVNVU#91587298
Multiple vulnerabilities in MaLion

Overview

MaLion provided by Intercom, Inc. contains multiple vulnerabilities.

Products Affected

Affected versions and conditions of use vary depending on respective vulnerabilities.
For details, refer to the information provided by the developers.

 ・CVE-2017-10815
  MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed)
  MaLion for Mac 4.0.1 to  5.2.1 (only when "Remote Control" is installed)

 ・CVE-2017-10816, CVE-2017-10817
  MaLion for Windows and Mac 5.0.0 to 5.2.1

 ・CVE-2017-10818
  MaLion for Windows and Mac 3.2.1 to 5.2.1

 ・CVE-2017-10819
  MaLion for Mac 4.3.0 to 5.2.1

Description

MaLion provided by Intercom, Inc. is enterprise IT asset management software.  MaLion contains multiple vulnerabilities listed below.

  • Incorrect Authentication in Terminal Agent (CWE-863) - CVE-2017-10815
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
    CVSS v2 AV:N/AC:L/Au:N/C:C/I:C/A:C Base Score: 10.0
  • SQL injection in Relay Service Server (CWE-89) - CVE-2017-10816
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 9.8
    CVSS v2 AV:N/AC:L/Au:N/C:C/I:C/A:C Base Score: 10.0
  • Missing Authorization in Relay Service Server (CWE-862) - CVE-2017-10817
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Base Score: 9.8
    CVSS v2 AV:N/AC:L/Au:N/C:C/I:C/A:C Base Score: 10.0
  • Use of Hard-coded Cryptographic Key (CWE-321) - CVE-2017-10818
    CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 4.8
    CVSS v2 AV:N/AC:M/Au:N/C:P/I:P/A:N Base Score: 5.8
  • Improper Certificate Validation in Relay Service Server (CWE-295) - CVE-2017-10819
    CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Base Score: 4.8
    CVSS v2 AV:N/AC:H/Au:N/C:P/I:P/A:N Base Score: 4.0

Impact

A possible impact of each vulnerability is as follows.

  • A remote unauthenticated attacker may execute an arbitrary command or conduct arbitrary operations on Terminal Agent - CVE-2017-10815
  • A remote unauthenticated attacker may execute an arbitrary SQL query or alter settings on Relay Service Server - CVE-2017-10816, CVE-2017-10817
  • Connection settings of Terminal Agent may be altered by an unauthenticated attacker who successfully obtained a key for encryption and spoof as a Relay Service - CVE-2017-10818
  • A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication - CVE-2017-10819

Solution

Update the Software
Apply the appropriate update according to the information provided by the developer.

Vendor Status

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Muneaki Nishimura of of Recruit Technologies Co.,Ltd. RED TEAM reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2017-10815
CVE-2017-10816
CVE-2017-10817
CVE-2017-10818
CVE-2017-10819
JVN iPedia

Update History

2017/08/04
Information under [Products Affected] and [Impact] was corrected.