cvelistv5 - cve-2018-7082

CVE-2018-7082 (GCVE-0-2018-7082)

Vulnerability from cvelistv5 – Published: 2019-05-10 16:49 – Updated: 2024-08-05 06:17

Summary

Severity ?

No CVSS data available.

CWE

Authenticated command injection

Assigner

hpe

References

URL

Tags

	https://www.arubanetworks.com/assets/alert/ARUBA-…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108374	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Aruba Instant (IAP)	Affected: Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
          },
          {
            "name": "108374",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108374"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba Instant (IAP)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
            }
          ]
        }
      ],
      "datePublic": "2019-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authenticated command injection ",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-20T15:06:02",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
        },
        {
          "name": "108374",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108374"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7082",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba Instant (IAP)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authenticated command injection "
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
              "refsource": "CONFIRM",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
            },
            {
              "name": "108374",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108374"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2018-7082",
    "datePublished": "2019-05-10T16:49:16",
    "dateReserved": "2018-02-15T00:00:00",
    "dateUpdated": "2024-08-05T06:17:17.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.2.4.12\", \"matchCriteriaId\": \"EC1A7F0E-2967-4FFD-AF10-993F73B29C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.5.0\", \"versionEndExcluding\": \"6.5.4.11\", \"matchCriteriaId\": \"C4A8C11A-80E4-4927-8794-92AED47956E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.3.0.0\", \"versionEndExcluding\": \"8.3.0.6\", \"matchCriteriaId\": \"B3211B36-0F4B-480D-AC85-D481D6C8BB67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.4.0\", \"versionEndExcluding\": \"8.4.0.1\", \"matchCriteriaId\": \"E269D3DC-0DA7-4FC6-8591-E4B324F9F482\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.4.0.1\", \"matchCriteriaId\": \"C4AB6855-E124-4F3C-9993-647B4AB1ACBF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de inyecci\\u00f3n de comandos est\\u00e1 presente en Aruba Instant que permite a un usuario administrativo autenticado realizar comandos arbitrarios en el sistema operativo subyacente. Un administrador malicioso podr\\u00eda usar esta habilidad para instalar backdoors o cambiar la configuraci\\u00f3n del sistema de una manera que no quede registro. Soluci\\u00f3n: ninguna. Resoluci\\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0\"}]",
      "id": "CVE-2018-7082",
      "lastModified": "2024-11-21T04:11:37.253",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-05-10T17:29:01.110",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/108374\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/108374\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-alert@hpe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-7082\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2019-05-10T17:29:01.110\",\"lastModified\":\"2024-11-21T04:11:37.253\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyecci\u00f3n de comandos est\u00e1 presente en Aruba Instant que permite a un usuario administrativo autenticado realizar comandos arbitrarios en el sistema operativo subyacente. Un administrador malicioso podr\u00eda usar esta habilidad para instalar backdoors o cambiar la configuraci\u00f3n del sistema de una manera que no quede registro. Soluci\u00f3n: ninguna. Resoluci\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.2.4.12\",\"matchCriteriaId\":\"EC1A7F0E-2967-4FFD-AF10-993F73B29C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndExcluding\":\"6.5.4.11\",\"matchCriteriaId\":\"C4A8C11A-80E4-4927-8794-92AED47956E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3.0.0\",\"versionEndExcluding\":\"8.3.0.6\",\"matchCriteriaId\":\"B3211B36-0F4B-480D-AC85-D481D6C8BB67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.4.0\",\"versionEndExcluding\":\"8.4.0.1\",\"matchCriteriaId\":\"E269D3DC-0DA7-4FC6-8591-E4B324F9F482\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.4.0.1\",\"matchCriteriaId\":\"C4AB6855-E124-4F3C-9993-647B4AB1ACBF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/108374\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108374\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2019-AVI-083

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Aruba Instant. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Aruba Instant 6.5.x versions antérieures à 6.5.4.11
N/A	N/A	Aruba Instant 8.3.x versions antérieures à 8.3.0.6
N/A	N/A	Aruba Instant 4.x versions antérieures à 4.2.4.12
N/A	N/A	Aruba Instant 8.4.x versions antérieures à 8.4.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Aruba ARUBA-PSA-2019-001 du 27 février 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Aruba Instant 6.5.x versions ant\u00e9rieures \u00e0 6.5.4.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.3.x versions ant\u00e9rieures \u00e0 8.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 4.x versions ant\u00e9rieures \u00e0 4.2.4.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.4.x versions ant\u00e9rieures \u00e0 8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-083",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba Instant.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nune injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Aruba Instant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2019-001 du 27 f\u00e9vrier 2019",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ]
}

CERTFR-2019-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC HMI Comfort Panels 4" - 22" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC (TIA Portal) versions antérieures à V15.1 Update 1
Siemens	N/A	SISHIP IPMS
Siemens	N/A	SIMATIC PCS 7
Siemens	N/A	LOGO! Soft Comfort
Siemens	N/A	LOGO!8 BM
Siemens	N/A	SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd3
Siemens	N/A	SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)
Siemens	N/A	SINAMICS PERFECT HARMONY GH180
Siemens	N/A	SISHIP IMAC
Siemens	N/A	SISHIP EMCS
Siemens	N/A	SIMATIC WinCC Runtime Advanced versions antérieures à V15.1 Update 1
Siemens	N/A	SCALANCE W1750D versions antérieures à V8.4.0.1
Siemens	N/A	SIMATIC WinCC Runtime Professional versions antérieures à V15.1 Update 1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-705517 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-865156 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-902727 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-606525 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-549547 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-697412 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-804486 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-102144 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-542701 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IPMS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! Soft Comfort",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO!8 BM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS PERFECT HARMONY GH180",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IMAC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP EMCS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2019-10919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10919"
    },
    {
      "name": "CVE-2019-10920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10920"
    },
    {
      "name": "CVE-2019-6572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6572"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3991"
    },
    {
      "name": "CVE-2019-10916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10916"
    },
    {
      "name": "CVE-2018-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3990"
    },
    {
      "name": "CVE-2018-3989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3989"
    },
    {
      "name": "CVE-2019-10922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10922"
    },
    {
      "name": "CVE-2019-10921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10921"
    },
    {
      "name": "CVE-2019-10924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10924"
    },
    {
      "name": "CVE-2019-10918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10918"
    },
    {
      "name": "CVE-2019-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10917"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2019-6578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6578"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2019-6576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6576"
    },
    {
      "name": "CVE-2019-6577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6577"
    },
    {
      "name": "CVE-2019-6574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6574"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-207",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    },
    {
      "description": "Ajout de SCADA dans le titre.",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
    }
  ]
}

CERTFR-2019-AVI-083

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Aruba Instant 6.5.x versions antérieures à 6.5.4.11
N/A	N/A	Aruba Instant 8.3.x versions antérieures à 8.3.0.6
N/A	N/A	Aruba Instant 4.x versions antérieures à 4.2.4.12
N/A	N/A	Aruba Instant 8.4.x versions antérieures à 8.4.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Aruba ARUBA-PSA-2019-001 du 27 février 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Aruba Instant 6.5.x versions ant\u00e9rieures \u00e0 6.5.4.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.3.x versions ant\u00e9rieures \u00e0 8.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 4.x versions ant\u00e9rieures \u00e0 4.2.4.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.4.x versions ant\u00e9rieures \u00e0 8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-083",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba Instant.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nune injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Aruba Instant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2019-001 du 27 f\u00e9vrier 2019",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ]
}

CERTFR-2019-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC HMI Comfort Panels 4" - 22" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC (TIA Portal) versions antérieures à V15.1 Update 1
Siemens	N/A	SISHIP IPMS
Siemens	N/A	SIMATIC PCS 7
Siemens	N/A	LOGO! Soft Comfort
Siemens	N/A	LOGO!8 BM
Siemens	N/A	SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd3
Siemens	N/A	SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)
Siemens	N/A	SINAMICS PERFECT HARMONY GH180
Siemens	N/A	SISHIP IMAC
Siemens	N/A	SISHIP EMCS
Siemens	N/A	SIMATIC WinCC Runtime Advanced versions antérieures à V15.1 Update 1
Siemens	N/A	SCALANCE W1750D versions antérieures à V8.4.0.1
Siemens	N/A	SIMATIC WinCC Runtime Professional versions antérieures à V15.1 Update 1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-705517 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-865156 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-902727 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-606525 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-549547 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-697412 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-804486 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-102144 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-542701 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IPMS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! Soft Comfort",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO!8 BM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS PERFECT HARMONY GH180",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IMAC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP EMCS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2019-10919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10919"
    },
    {
      "name": "CVE-2019-10920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10920"
    },
    {
      "name": "CVE-2019-6572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6572"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3991"
    },
    {
      "name": "CVE-2019-10916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10916"
    },
    {
      "name": "CVE-2018-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3990"
    },
    {
      "name": "CVE-2018-3989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3989"
    },
    {
      "name": "CVE-2019-10922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10922"
    },
    {
      "name": "CVE-2019-10921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10921"
    },
    {
      "name": "CVE-2019-10924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10924"
    },
    {
      "name": "CVE-2019-10918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10918"
    },
    {
      "name": "CVE-2019-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10917"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2019-6578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6578"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2019-6576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6576"
    },
    {
      "name": "CVE-2019-6577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6577"
    },
    {
      "name": "CVE-2019-6574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6574"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-207",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    },
    {
      "description": "Ajout de SCADA dans le titre.",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
    }
  ]
}

GSD-2018-7082

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-7082

Aliases

CVE-2018-7082

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-7082",
    "description": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
    "id": "GSD-2018-7082"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7082"
      ],
      "details": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
      "id": "GSD-2018-7082",
      "modified": "2023-12-13T01:22:32.941485Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-alert@hpe.com",
        "ID": "CVE-2018-7082",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Aruba Instant (IAP)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Authenticated command injection "
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
            "refsource": "CONFIRM",
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
          },
          {
            "name": "108374",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108374"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.5.4.11",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.4.0.1",
                "versionStartIncluding": "8.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2.4.12",
                "versionStartIncluding": "4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.3.0.6",
                "versionStartIncluding": "8.3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.4.0.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7082"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
            },
            {
              "name": "108374",
              "refsource": "BID",
              "tags": [
                "Broken Link",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/108374"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-02-02T19:29Z",
      "publishedDate": "2019-05-10T17:29Z"
    }
  }
}

GHSA-2HPF-Q76V-4M2J

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2023-02-02 21:34

Details

Severity ?

7.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7082"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-10T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
  "id": "GHSA-2hpf-q76v-4m2j",
  "modified": "2023-02-02T21:34:15Z",
  "published": "2022-05-24T16:45:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7082"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108374"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201905-0985

Vulnerability from variot - Updated: 2023-12-18 12:28

A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0. ALEAlcatelOmniAccessWirelessAccessPoint is a wireless access point device from ALE France. A command injection vulnerability exists in ALEAlcatelOmniAccessWirelessAccessPoint. The vulnerability stems from the fact that external input data constructs executable commands, and the network system or product does not properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command. Siemens SCALANCE W1750D is prone to following security vulnerabilities: 1. Multiple information disclosure vulnerabilities 2. A cross-site-scripting vulnerability 3. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. Versions prior to SCALANCE W1750D 8.4.0.1 are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0985",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "4.0"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.3.0.6"
      },
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.3.0.0"
      },
      {
        "model": "scalance w1750d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.4.0.1"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "4.2.4.12"
      },
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "6.5.0"
      },
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.4.0"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.4.0.1"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "6.5.4.11"
      },
      {
        "model": "instant ap",
        "scope": null,
        "trust": 0.8,
        "vendor": "aruba",
        "version": null
      },
      {
        "model": "alcatel omniaccess wireless access point",
        "scope": null,
        "trust": 0.6,
        "vendor": "ale",
        "version": null
      },
      {
        "model": "scalance w1750d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance w1750d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "8.4.0.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.5.4.11",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.4.0.1",
                "versionStartIncluding": "8.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2.4.12",
                "versionStartIncluding": "4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.3.0.6",
                "versionStartIncluding": "8.3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.4.0.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-7082",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2018-7082",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2019-15207",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.2,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.2,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-7082",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-7082",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-15207",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-047",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-7082",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0. ALEAlcatelOmniAccessWirelessAccessPoint is a wireless access point device from ALE France. A command injection vulnerability exists in ALEAlcatelOmniAccessWirelessAccessPoint. The vulnerability stems from the fact that external input data constructs executable commands, and the network system or product does not properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command. Siemens SCALANCE W1750D is prone to following security vulnerabilities:\n1. Multiple information disclosure vulnerabilities\n2. A cross-site-scripting vulnerability\n3. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. \nVersions prior to SCALANCE W1750D 8.4.0.1 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7082",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "108374",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-07",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-549547",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "id": "VAR-201905-0985",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:28:16.207000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "ARUBA-PSA-2019-001",
        "trust": 0.8,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-001.txt"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f04f471bbc12c6e00cc683978d7f0589"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-77",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.securityfocus.com/bid/108374"
      },
      {
        "trust": 1.7,
        "url": "https://www.arubanetworks.com/assets/alert/aruba-psa-2019-001.txt"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7082"
      },
      {
        "trust": 1.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-07"
      },
      {
        "trust": 0.9,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7082"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-07"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/alcatel-lucent-enterprise-omniaccess-wlan-instant-multiple-vulnerabilities-28646"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-549547.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "date": "2019-05-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108374"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "date": "2019-05-10T17:29:01.110000",
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "date": "2019-03-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-15207"
      },
      {
        "date": "2023-02-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-7082"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108374"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      },
      {
        "date": "2023-02-02T19:29:39.557000",
        "db": "NVD",
        "id": "CVE-2018-7082"
      },
      {
        "date": "2020-10-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Aruba Instant Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015420"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-047"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2018-7082

Vulnerability from fkie_nvd - Published: 2019-05-10 17:29 - Updated: 2024-11-21 04:11

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-alert@hpe.com	http://www.securityfocus.com/bid/108374	Broken Link, Third Party Advisory, VDB Entry
security-alert@hpe.com	https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf	Third Party Advisory
security-alert@hpe.com	https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108374	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt	Vendor Advisory

Impacted products

Vendor	Product	Version
arubanetworks	aruba_instant	*
arubanetworks	aruba_instant	*
arubanetworks	aruba_instant	*
arubanetworks	aruba_instant	*
siemens	scalance_w1750d_firmware	*
siemens	scalance_w1750d	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1A7F0E-2967-4FFD-AF10-993F73B29C79",
              "versionEndExcluding": "4.2.4.12",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A8C11A-80E4-4927-8794-92AED47956E7",
              "versionEndExcluding": "6.5.4.11",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3211B36-0F4B-480D-AC85-D481D6C8BB67",
              "versionEndExcluding": "8.3.0.6",
              "versionStartIncluding": "8.3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E269D3DC-0DA7-4FC6-8591-E4B324F9F482",
              "versionEndExcluding": "8.4.0.1",
              "versionStartIncluding": "8.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AB6855-E124-4F3C-9993-647B4AB1ACBF",
              "versionEndExcluding": "8.4.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC30055-239F-4BB1-B2D1-E5E35F0D8911",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de comandos est\u00e1 presente en Aruba Instant que permite a un usuario administrativo autenticado realizar comandos arbitrarios en el sistema operativo subyacente. Un administrador malicioso podr\u00eda usar esta habilidad para instalar backdoors o cambiar la configuraci\u00f3n del sistema de una manera que no quede registro. Soluci\u00f3n: ninguna. Resoluci\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0"
    }
  ],
  "id": "CVE-2018-7082",
  "lastModified": "2024-11-21T04:11:37.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-10T17:29:01.110",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108374"
    },
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108374"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ICSA-19-134-07

Vulnerability from csaf_cisa - Published: 2019-05-14 00:00 - Updated: 2019-05-14 00:00

Summary

Siemens SCALANCE W1750D

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-07 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-134-07.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-07 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-07"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-549547: Multiple Vulnerabilites in SCALANCE W1750D - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-549547.txt"
      }
    ],
    "title": "Siemens SCALANCE W1750D",
    "tracking": {
      "current_release_date": "2019-05-14T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-134-07",
      "initial_release_date": "2019-05-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-05-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-134-07 Siemens SCALANCE W1750D"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V8.4.0.1",
                "product": {
                  "name": "SCALANCE W1750D: All versions \u003c V8.4.0.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE W1750D"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-7084",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability is present that permits an unauthenticated user with access to the web interface of the affected device to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7084"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7083",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in the affected devices that allows an unauthenticated attacker to access core dumps of previously crashed processes through the web interface of the device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7083"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-16417",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability is present which allows an unauthenticated user to retrieve recently cached configuration commands by sending a crafted URL to the web interface of an affected device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7082",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability is present in the affected devices that allows an authenticated administrative user to execute arbitrary commands on the underlying operating system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7082"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected devices that allows an attacker to trick an administrator into clicking a link which could then take administrative actions on the device or expose a session cookie for an administrative session.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7064"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-7082 (GCVE-0-2018-7082)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature