cvelistv5 - cve-2018-4836

CVE-2018-4836 (GCVE-0-2018-4836)

Vulnerability from cvelistv5 – Published: 2018-01-25 14:00 – Updated: 2024-09-16 17:32

Summary

Severity ?

No CVSS data available.

CWE

CWE-287 - Improper Authentication

Assigner

siemens

References

URL

Tags

	https://www.siemens.com/cert/pool/cert/siemens_se…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/102904	vdb-entryx_refsource_BID
	http://www.securityfocus.com/bid/102897	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Siemens AG	TeleControl Server Basic	Affected: All versions < V3.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:18:26.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
          },
          {
            "name": "102904",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102904"
          },
          {
            "name": "102897",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102897"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TeleControl Server Basic",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1"
            }
          ]
        }
      ],
      "datePublic": "2018-01-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-03T10:57:01",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
        },
        {
          "name": "102904",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102904"
        },
        {
          "name": "102897",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102897"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "DATE_PUBLIC": "2018-01-25T00:00:00",
          "ID": "CVE-2018-4836",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "TeleControl Server Basic",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287: Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf",
              "refsource": "CONFIRM",
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
            },
            {
              "name": "102904",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102904"
            },
            {
              "name": "102897",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102897"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-4836",
    "datePublished": "2018-01-25T14:00:00Z",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-09-16T17:32:46.608Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.1\", \"matchCriteriaId\": \"E31D80D0-A773-45F5-8155-43861100BC48\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante autenticado con una cuenta de privilegios bajos en el puerto 8000/tcp de TeleControl Server Basic podr\\u00eda escalar sus privilegios y realizar operaciones administrativas.\"}]",
      "id": "CVE-2018-4836",
      "lastModified": "2024-11-21T04:07:33.153",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-01-25T14:29:00.380",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/102897\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/102904\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/102897\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/102904\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "productcert@siemens.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-4836\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2018-01-25T14:29:00.380\",\"lastModified\":\"2024-11-21T04:07:33.153\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante autenticado con una cuenta de privilegios bajos en el puerto 8000/tcp de TeleControl Server Basic podr\u00eda escalar sus privilegios y realizar operaciones administrativas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1\",\"matchCriteriaId\":\"E31D80D0-A773-45F5-8155-43861100BC48\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/102897\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/102904\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/102897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/102904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2018-4836

Vulnerability from fkie_nvd - Published: 2018-01-25 14:29 - Updated: 2024-11-21 04:07

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/102897	Third Party Advisory, VDB Entry
productcert@siemens.com	http://www.securityfocus.com/bid/102904	Third Party Advisory, VDB Entry
productcert@siemens.com	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102897	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/102904	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	siemens	telecontrol_server_basic	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31D80D0-A773-45F5-8155-43861100BC48",
              "versionEndExcluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en TeleControl Server Basic en versiones anteriores a la 3.1. Un atacante autenticado con una cuenta de privilegios bajos en el puerto 8000/tcp de TeleControl Server Basic podr\u00eda escalar sus privilegios y realizar operaciones administrativas."
    }
  ],
  "id": "CVE-2018-4836",
  "lastModified": "2024-11-21T04:07:33.153",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-25T14:29:00.380",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102897"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102904"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102897"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2018-02347

Vulnerability from cnvd - Published: 2018-01-31

Title

Siemens TeleControl Server Basic权限提升漏洞

Description

Siemens TeleControl Server Basic是德国西门子（Siemens）公司的一套用于Siemens设备的远程控制系统。 Siemens TeleControl Server Basic 3.1之前的版本中存在安全漏洞。攻击者可利用该漏洞提升权限并执行管理操作。

Severity

高

Patch Name

Siemens TeleControl Server Basic权限提升漏洞的补丁

Patch Description

Siemens TeleControl Server Basic是德国西门子（Siemens）公司的一套用于Siemens设备的远程控制系统。 Siemens TeleControl Server Basic 3.1之前的版本中存在安全漏洞。攻击者可利用该漏洞提升权限并执行管理操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf

Reference

https://support.industry.siemens.com/cs/ww/en/view/109755199 https://ics-cert.us-cert.gov/advisories/ICSA-18-030-02

Impacted products

Name
Siemens TeleControl Server Basics <V3.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4836"
    }
  },
  "description": "Siemens TeleControl Server Basic\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8eSiemens\u8bbe\u5907\u7684\u8fdc\u7a0b\u63a7\u5236\u7cfb\u7edf\u3002\r\n\r\nSiemens TeleControl Server Basic 3.1\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u5e76\u6267\u884c\u7ba1\u7406\u64cd\u4f5c\u3002",
  "discovererName": "Siemens ProductCERT",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-02347",
  "openTime": "2018-01-31",
  "patchDescription": "Siemens TeleControl Server Basic\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8eSiemens\u8bbe\u5907\u7684\u8fdc\u7a0b\u63a7\u5236\u7cfb\u7edf\u3002\r\n\r\nSiemens TeleControl Server Basic 3.1\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u5347\u6743\u9650\u5e76\u6267\u884c\u7ba1\u7406\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens TeleControl Server Basic\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Siemens TeleControl Server Basics \u003cV3.1"
  },
  "referenceLink": "https://support.industry.siemens.com/cs/ww/en/view/109755199 \r\nhttps://ics-cert.us-cert.gov/advisories/ICSA-18-030-02",
  "serverity": "\u9ad8",
  "submitTime": "2018-01-26",
  "title": "Siemens TeleControl Server Basic\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CERTFR-2018-AVI-057

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans SCADA Siemens TeleControl Server Basic. Elles permettent à un attaquant de provoquer une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	TeleControl Server Basic versions antérieures à V3.1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-651454 du 25 janvier 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TeleControl Server Basic versions ant\u00e9rieures \u00e0 V3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4835"
    },
    {
      "name": "CVE-2018-4837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4837"
    },
    {
      "name": "CVE-2018-4836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4836"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-057",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-01-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA Siemens\nTeleControl Server Basic. Elles permettent \u00e0 un attaquant de provoquer\nune \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Siemens TeleControl Server Basic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-651454 du 25 janvier 2018",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-651454.pdf"
    }
  ]
}

CERTFR-2018-AVI-057

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans SCADA Siemens TeleControl Server Basic. Elles permettent à un attaquant de provoquer une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Siemens	N/A	TeleControl Server Basic versions antérieures à V3.1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens SSA-651454 du 25 janvier 2018

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "TeleControl Server Basic versions ant\u00e9rieures \u00e0 V3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4835"
    },
    {
      "name": "CVE-2018-4837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4837"
    },
    {
      "name": "CVE-2018-4836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4836"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-057",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-01-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA Siemens\nTeleControl Server Basic. Elles permettent \u00e0 un attaquant de provoquer\nune \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Siemens TeleControl Server Basic",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-651454 du 25 janvier 2018",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_SSA-651454.pdf"
    }
  ]
}

GHSA-25WC-VM27-VMMQ

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-4836"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-25T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations.",
  "id": "GHSA-25wc-vm27-vmmq",
  "modified": "2022-05-13T01:32:16Z",
  "published": "2022-05-13T01:32:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4836"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102897"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/102904"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-4836

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-4836

Aliases

CVE-2018-4836

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-4836",
    "description": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations.",
    "id": "GSD-2018-4836"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-4836"
      ],
      "details": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations.",
      "id": "GSD-2018-4836",
      "modified": "2023-12-13T01:22:28.710613Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "DATE_PUBLIC": "2018-01-25T00:00:00",
        "ID": "CVE-2018-4836",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "TeleControl Server Basic",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V3.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-287: Improper Authentication"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf",
            "refsource": "CONFIRM",
            "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
          },
          {
            "name": "102904",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/102904"
          },
          {
            "name": "102897",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/102897"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-4836"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
            },
            {
              "name": "102904",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/102904"
            },
            {
              "name": "102897",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/102897"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:41Z",
      "publishedDate": "2018-01-25T14:29Z"
    }
  }
}

ICSA-18-030-02

Vulnerability from csaf_cisa - Published: 2018-01-30 00:00 - Updated: 2018-01-30 00:00

Summary

Siemens TeleControl Server Basic

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

ATTENTION: Remotely exploitable/low skill level to exploit.

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls, and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting the vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "ATTENTION: Remotely exploitable/low skill level to exploit.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls, and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available in the NCCIC Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-030-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-030-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-030-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-030-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/"
      }
    ],
    "title": "Siemens TeleControl Server Basic",
    "tracking": {
      "current_release_date": "2018-01-30T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-030-02",
      "initial_release_date": "2018-01-30T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-01-30T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-030-02 Siemens TeleControl Server Basic"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 3.1",
                "product": {
                  "name": "TeleControl Server Basic: versions prior to V3.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "TeleControl Server Basic"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-4835",
      "cwe": {
        "id": "CWE-288",
        "name": "Authentication Bypass Using an Alternate Path or Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker with network access to Port 8000/TCP could bypass the authentication mechanism gaining access to limited information. CVE-2018-4835 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-4835"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens recommends that users install the latest version of TeleControl Server Basic.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199"
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in standalone mode, then users can close Port 8000/TCP on the Windows firewall to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in redundancy mode, then users can use the Windows firewall to restrict access to Port 8000/TCP to the second TeleControl Server Basics\u0027 IP address to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users can use the Windows firewall to close Ports 80/TCP and 443/TCP to mitigate vulnerability CVE-2018-4837.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For more information on these vulnerabilities and more detailed mitigation instructions, please see Siemens Security Advisory SSA-65145.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-4836",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authenticated attacker with network access to Port 8000/TCP could escalate privileges and perform administrative operations. CVE-2018-4836 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-4836"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens recommends that users install the latest version of TeleControl Server Basic.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199"
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in standalone mode, then users can close Port 8000/TCP on the Windows firewall to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in redundancy mode, then users can use the Windows firewall to restrict access to Port 8000/TCP to the second TeleControl Server Basics\u0027 IP address to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users can use the Windows firewall to close Ports 80/TCP and 443/TCP to mitigate vulnerability CVE-2018-4837.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For more information on these vulnerabilities and more detailed mitigation instructions, please see Siemens Security Advisory SSA-65145.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-4837",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker with access to the TeleControl Server Basic \u0027s webserver (Ports 80/TCP or 443/TCP) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition. CVE-2018-4837 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-4837"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Siemens recommends that users install the latest version of TeleControl Server Basic.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199"
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in standalone mode, then users can close Port 8000/TCP on the Windows firewall to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If TeleControl Server Basic is operated in redundancy mode, then users can use the Windows firewall to restrict access to Port 8000/TCP to the second TeleControl Server Basics\u0027 IP address to mitigate vulnerabilities CVE-2018-4835 and CVE-2018-4836.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users can use the Windows firewall to close Ports 80/TCP and 443/TCP to mitigate vulnerability CVE-2018-4837.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "For more information on these vulnerabilities and more detailed mitigation instructions, please see Siemens Security Advisory SSA-65145.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://www.siemens.com/cert/en/cert-security-advisories.htm"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

VAR-201801-1629

Vulnerability from variot - Updated: 2023-12-18 12:02

A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations. TeleControl Server Basic Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. An attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges. Failed exploit attempts may result in a denial of service condition

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1629",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "telecontrol server basic",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "model": "telecontrol server basics",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.1"
      },
      {
        "model": "telecontrol server basic sp2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "telecontrol server basic",
        "scope": "ne",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "telecontrol server basic",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-4836",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-4836",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-02347",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-4836",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-4836",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-02347",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201801-985",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations. TeleControl Server Basic Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. \nAn attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges. Failed exploit attempts may result in a denial of service condition",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      },
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-4836",
        "trust": 3.8
      },
      {
        "db": "BID",
        "id": "102904",
        "trust": 1.9
      },
      {
        "db": "SIEMENS",
        "id": "SSA-651454",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "102897",
        "trust": 1.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-030-02",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "E2E32A80-39AB-11E9-AE20-000C29342CB1",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "id": "VAR-201801-1629",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      }
    ],
    "trust": 1.8
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:02:45.265000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-651454",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf"
      },
      {
        "title": "Patch for Siemens TeleControl Server Basic Privilege Escalation Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/115111"
      },
      {
        "title": "Siemens TeleControl Server Basic Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78098"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-030-02"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/102897"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/102904"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4836"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4836"
      },
      {
        "trust": 0.6,
        "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199"
      },
      {
        "trust": 0.6,
        "url": "http://www.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-31T00:00:00",
        "db": "IVD",
        "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1"
      },
      {
        "date": "2018-01-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "date": "2018-01-30T00:00:00",
        "db": "BID",
        "id": "102904"
      },
      {
        "date": "2018-01-25T00:00:00",
        "db": "BID",
        "id": "102897"
      },
      {
        "date": "2018-02-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "date": "2018-01-25T14:29:00.380000",
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "date": "2018-01-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-02347"
      },
      {
        "date": "2018-01-30T00:00:00",
        "db": "BID",
        "id": "102904"
      },
      {
        "date": "2018-01-25T00:00:00",
        "db": "BID",
        "id": "102897"
      },
      {
        "date": "2018-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      },
      {
        "date": "2019-10-09T23:41:00.453000",
        "db": "NVD",
        "id": "CVE-2018-4836"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "102904"
      },
      {
        "db": "BID",
        "id": "102897"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TeleControl Server Basic Vulnerabilities related to authorization, permissions, and access control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-001582"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control issues",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-985"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-4836 (GCVE-0-2018-4836)

Solution

Solution

Tags

Sightings

Nomenclature