Products

Solutions

Company

Book A Live Demo

CVE-2017-5178 : Security Advisory and Response

Discover the security vulnerability in Schneider Electric's Tableau Server/Desktop and Wonderware Intelligence versions with default system accounts. Learn about the impact, affected systems, and mitigation steps.

A vulnerability has been identified in Schneider Electric's Tableau Server/Desktop Versions 7.0 to 10.1.3 and Wonderware Intelligence Versions 2014R3 and earlier. This CVE highlights a security issue related to default system accounts.

Understanding CVE-2017-5178

This CVE pertains to a vulnerability in Schneider Electric's Tableau Server/Desktop and Wonderware Intelligence versions, specifically concerning default system accounts.

What is CVE-2017-5178?

CVE-2017-5178 is a security vulnerability found in Schneider Electric's Tableau Server/Desktop Versions 7.0 to 10.1.3 and Wonderware Intelligence Versions 2014R3 and earlier. It involves default system accounts that pose a risk in certain authentication modes.

The Impact of CVE-2017-5178

The vulnerability allows unauthorized access when Tableau Server is used in local authentication mode due to default system accounts. However, systems using Windows integrated security (Active Directory) are not affected.

Technical Details of CVE-2017-5178

This section provides more in-depth technical insights into the vulnerability.

Vulnerability Description

The affected versions come with a default system account that is challenging to configure with non-default credentials post-installation. Changing default credentials in the embedded Tableau Server is not documented.

Affected Systems and Versions

Product: Schneider Electric Wonderware Intelligence 2014R3 and prior

Versions: Schneider Electric Wonderware Intelligence 2014R3 and prior

Exploitation Mechanism

Vulnerable when Tableau Server is used in local authentication mode

Default system account can be exploited to gain unauthorized access

Mitigation and Prevention

Protecting systems from CVE-2017-5178 requires immediate actions and long-term security practices.

Immediate Steps to Take

Avoid using Tableau Server in local authentication mode if possible

Implement strong, unique credentials for default system accounts

Long-Term Security Practices

Regularly review and update system credentials

Monitor for unauthorized access attempts and unusual system behavior

Patching and Updates

Apply patches and updates provided by Schneider Electric to address this vulnerability

CVE-2017-5178 : Security Advisory and Response

Understanding CVE-2017-5178

What is CVE-2017-5178?

The Impact of CVE-2017-5178

Technical Details of CVE-2017-5178

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2017-5178 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2017-5178

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2017-5178?

The Impact of CVE-2017-5178

Technical Details of CVE-2017-5178

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2017-5178

What is CVE-2017-5178?

Is your System Free of Underlying Vulnerabilities?
Find Out Now