{"vuid":"VU#184077","idnumber":"184077","name":"Navarino Infinity web interface is affected by multiple vulnerabilities.","keywords":["SATCOM"],"overview":"Navarino Infinity web interface up to version 2.2 is affected by multiple vulnerabilities.","clean_desc":"CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2018-5384 Navarino Infinity exposes an unauthenticated script that is prone to blind sql injection. CWE-384: Session Fixation - CVE-2018-5385 Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. CWE-288: Authentication Bypass Using an Alternate Path or Channel -CVE-2018-5386 Some Navarino Infinity functions placed in the URL can bypass any authentication mechanism leading to an information leak.","impact":"A remote, unauthenticated attacker may be able to bypass authentication and perform some administrative functions or perform SQL injection.","resolution":"According to the vendor's website, the hotfix has been made available to all Infinity users.","workarounds":"","sysaffected":"","thanks":"Thanks to Vangelis Stykas for reporting this vulnerability.","author":"This document was written by Noelle Allon.","public":["https://cwe.mitre.org/data/definitions/89.html","https://cwe.mitre.org/data/definitions/384.html","https://cwe.mitre.org/data/definitions/288.html"],"cveids":["CVE-2018-5384","CVE-2018-5385","CVE-2018-5386"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2018-02-09T12:38:37Z","publicdate":"2018-02-07T00:00:00Z","datefirstpublished":"2018-03-27T16:58:10Z","dateupdated":"2018-03-27T17:19:46Z","revision":42,"vrda_d1_directreport":"1","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"C","cvss_integrityimpact":"C","cvss_availabilityimpact":"C","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"10","cvss_basevector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvss_temporalscore":"8.7","cvss_environmentalscore":"8.6952104064","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}