cvelistv5 - cve-2018-7083

CVE-2018-7083 (GCVE-0-2018-7083)

Vulnerability from cvelistv5 – Published: 2019-05-10 16:43 – Updated: 2024-08-05 06:17

Summary

Severity ?

No CVSS data available.

CWE

Core dumps are publicly accessible

Assigner

hpe

References

URL

Tags

	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108374	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Aruba Instant (IAP)	Affected: Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.503Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
          },
          {
            "name": "108374",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108374"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba Instant (IAP)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
            }
          ]
        }
      ],
      "datePublic": "2019-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Core dumps are publicly accessible ",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-20T15:06:03",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
        },
        {
          "name": "108374",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108374"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7083",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba Instant (IAP)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Core dumps are publicly accessible "
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
            },
            {
              "name": "108374",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108374"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2018-7083",
    "datePublished": "2019-05-10T16:43:30",
    "dateReserved": "2018-02-15T00:00:00",
    "dateUpdated": "2024-08-05T06:17:17.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.2.4.12\", \"matchCriteriaId\": \"EC1A7F0E-2967-4FFD-AF10-993F73B29C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.5.0\", \"versionEndExcluding\": \"6.5.4.11\", \"matchCriteriaId\": \"C4A8C11A-80E4-4927-8794-92AED47956E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.3.0\", \"versionEndExcluding\": \"8.3.0.6\", \"matchCriteriaId\": \"3571ED0E-9E35-4B7D-80FD-DDD1FC187995\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.4.0.1\", \"matchCriteriaId\": \"C4AB6855-E124-4F3C-9993-647B4AB1ACBF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"If a process running within Aruba Instant crashes, it may leave behind a \\\"core dump\\\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0\"}, {\"lang\": \"es\", \"value\": \"Si un proceso que corre dentro de Aruba Instant se bloquea, puede conllevar a un \\\"volcado de memoria\\\", que contiene la memoria del proceso en el momento en que se bloque\\u00f3. Se descubri\\u00f3 que los volcados de memoria se almacenan de manera que los usuarios no autenticados puedan acceder a ellos a trav\\u00e9s de la Web Interface de Aruba Instant. Los volcados de datos centrales podr\\u00edan contener informaci\\u00f3n sensible, como claves y contrase\\u00f1as. Soluci\\u00f3n alternativa: bloquee el acceso a la Web Interface de Aruba Instant de todos los usuarios que no sean de confianza. Resoluci\\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0\"}]",
      "id": "CVE-2018-7083",
      "lastModified": "2024-11-21T04:11:37.367",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-05-10T17:29:01.173",
      "references": "[{\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/108374\", \"source\": \"security-alert@hpe.com\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/108374\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-alert@hpe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-7083\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2019-05-10T17:29:01.173\",\"lastModified\":\"2024-11-21T04:11:37.367\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"If a process running within Aruba Instant crashes, it may leave behind a \\\"core dump\\\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0\"},{\"lang\":\"es\",\"value\":\"Si un proceso que corre dentro de Aruba Instant se bloquea, puede conllevar a un \\\"volcado de memoria\\\", que contiene la memoria del proceso en el momento en que se bloque\u00f3. Se descubri\u00f3 que los volcados de memoria se almacenan de manera que los usuarios no autenticados puedan acceder a ellos a trav\u00e9s de la Web Interface de Aruba Instant. Los volcados de datos centrales podr\u00edan contener informaci\u00f3n sensible, como claves y contrase\u00f1as. Soluci\u00f3n alternativa: bloquee el acceso a la Web Interface de Aruba Instant de todos los usuarios que no sean de confianza. Resoluci\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.2.4.12\",\"matchCriteriaId\":\"EC1A7F0E-2967-4FFD-AF10-993F73B29C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndExcluding\":\"6.5.4.11\",\"matchCriteriaId\":\"C4A8C11A-80E4-4927-8794-92AED47956E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.3.0\",\"versionEndExcluding\":\"8.3.0.6\",\"matchCriteriaId\":\"3571ED0E-9E35-4B7D-80FD-DDD1FC187995\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.4.0.1\",\"matchCriteriaId\":\"C4AB6855-E124-4F3C-9993-647B4AB1ACBF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]}],\"references\":[{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108374\",\"source\":\"security-alert@hpe.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108374\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2019-AVI-083

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Aruba Instant. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Aruba Instant 6.5.x versions antérieures à 6.5.4.11
N/A	N/A	Aruba Instant 8.3.x versions antérieures à 8.3.0.6
N/A	N/A	Aruba Instant 4.x versions antérieures à 4.2.4.12
N/A	N/A	Aruba Instant 8.4.x versions antérieures à 8.4.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Aruba ARUBA-PSA-2019-001 du 27 février 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Aruba Instant 6.5.x versions ant\u00e9rieures \u00e0 6.5.4.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.3.x versions ant\u00e9rieures \u00e0 8.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 4.x versions ant\u00e9rieures \u00e0 4.2.4.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.4.x versions ant\u00e9rieures \u00e0 8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-083",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba Instant.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nune injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Aruba Instant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2019-001 du 27 f\u00e9vrier 2019",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ]
}

CERTFR-2019-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC HMI Comfort Panels 4" - 22" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC (TIA Portal) versions antérieures à V15.1 Update 1
Siemens	N/A	SISHIP IPMS
Siemens	N/A	SIMATIC PCS 7
Siemens	N/A	LOGO! Soft Comfort
Siemens	N/A	LOGO!8 BM
Siemens	N/A	SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd3
Siemens	N/A	SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)
Siemens	N/A	SINAMICS PERFECT HARMONY GH180
Siemens	N/A	SISHIP IMAC
Siemens	N/A	SISHIP EMCS
Siemens	N/A	SIMATIC WinCC Runtime Advanced versions antérieures à V15.1 Update 1
Siemens	N/A	SCALANCE W1750D versions antérieures à V8.4.0.1
Siemens	N/A	SIMATIC WinCC Runtime Professional versions antérieures à V15.1 Update 1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-705517 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-865156 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-902727 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-606525 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-549547 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-697412 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-804486 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-102144 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-542701 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IPMS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! Soft Comfort",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO!8 BM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS PERFECT HARMONY GH180",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IMAC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP EMCS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2019-10919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10919"
    },
    {
      "name": "CVE-2019-10920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10920"
    },
    {
      "name": "CVE-2019-6572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6572"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3991"
    },
    {
      "name": "CVE-2019-10916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10916"
    },
    {
      "name": "CVE-2018-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3990"
    },
    {
      "name": "CVE-2018-3989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3989"
    },
    {
      "name": "CVE-2019-10922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10922"
    },
    {
      "name": "CVE-2019-10921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10921"
    },
    {
      "name": "CVE-2019-10924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10924"
    },
    {
      "name": "CVE-2019-10918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10918"
    },
    {
      "name": "CVE-2019-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10917"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2019-6578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6578"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2019-6576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6576"
    },
    {
      "name": "CVE-2019-6577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6577"
    },
    {
      "name": "CVE-2019-6574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6574"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-207",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    },
    {
      "description": "Ajout de SCADA dans le titre.",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
    }
  ]
}

CERTFR-2019-AVI-083

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Aruba Instant 6.5.x versions antérieures à 6.5.4.11
N/A	N/A	Aruba Instant 8.3.x versions antérieures à 8.3.0.6
N/A	N/A	Aruba Instant 4.x versions antérieures à 4.2.4.12
N/A	N/A	Aruba Instant 8.4.x versions antérieures à 8.4.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Aruba ARUBA-PSA-2019-001 du 27 février 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Aruba Instant 6.5.x versions ant\u00e9rieures \u00e0 6.5.4.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.3.x versions ant\u00e9rieures \u00e0 8.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 4.x versions ant\u00e9rieures \u00e0 4.2.4.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.4.x versions ant\u00e9rieures \u00e0 8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-083",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba Instant.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nune injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Aruba Instant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2019-001 du 27 f\u00e9vrier 2019",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ]
}

CERTFR-2019-AVI-207

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC HMI Comfort Panels 4" - 22" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC (TIA Portal) versions antérieures à V15.1 Update 1
Siemens	N/A	SISHIP IPMS
Siemens	N/A	SIMATIC PCS 7
Siemens	N/A	LOGO! Soft Comfort
Siemens	N/A	LOGO!8 BM
Siemens	N/A	SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd3
Siemens	N/A	SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)
Siemens	N/A	SINAMICS PERFECT HARMONY GH180
Siemens	N/A	SISHIP IMAC
Siemens	N/A	SISHIP EMCS
Siemens	N/A	SIMATIC WinCC Runtime Advanced versions antérieures à V15.1 Update 1
Siemens	N/A	SCALANCE W1750D versions antérieures à V8.4.0.1
Siemens	N/A	SIMATIC WinCC Runtime Professional versions antérieures à V15.1 Update 1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-705517 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-865156 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-902727 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-606525 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-549547 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-697412 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-804486 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-102144 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-542701 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IPMS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! Soft Comfort",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO!8 BM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS PERFECT HARMONY GH180",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IMAC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP EMCS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2019-10919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10919"
    },
    {
      "name": "CVE-2019-10920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10920"
    },
    {
      "name": "CVE-2019-6572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6572"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3991"
    },
    {
      "name": "CVE-2019-10916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10916"
    },
    {
      "name": "CVE-2018-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3990"
    },
    {
      "name": "CVE-2018-3989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3989"
    },
    {
      "name": "CVE-2019-10922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10922"
    },
    {
      "name": "CVE-2019-10921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10921"
    },
    {
      "name": "CVE-2019-10924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10924"
    },
    {
      "name": "CVE-2019-10918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10918"
    },
    {
      "name": "CVE-2019-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10917"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2019-6578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6578"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2019-6576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6576"
    },
    {
      "name": "CVE-2019-6577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6577"
    },
    {
      "name": "CVE-2019-6574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6574"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-207",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    },
    {
      "description": "Ajout de SCADA dans le titre.",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
    }
  ]
}

VAR-201905-0986

Vulnerability from variot - Updated: 2022-05-04 08:54

If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0. Siemens SCALANCE W1750D is prone to following security vulnerabilities: 1. Multiple information disclosure vulnerabilities 2. A cross-site-scripting vulnerability 3. Multiple remote command injection vulnerabilities Attackers can exploit these issues to obtain sensitive information, or execute arbitrary commands or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. Versions prior to SCALANCE W1750D 8.4.0.1 are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-0986",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.3.0"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "4.2.4.12"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "8.3.0.6"
      },
      {
        "model": "scalance w1750d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.4.0.1"
      },
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "6.5.0"
      },
      {
        "model": "aruba instant",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "6.5.4.11"
      },
      {
        "model": "aruba instant",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "arubanetworks",
        "version": "4.0"
      },
      {
        "model": "instant ap",
        "scope": null,
        "trust": 0.8,
        "vendor": "aruba",
        "version": null
      },
      {
        "model": "scalance w1750d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1750d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance w1750d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "8.4.0.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.5.4.11",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.3.0.6",
                "versionStartIncluding": "8.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2.4.12",
                "versionStartIncluding": "4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.4.0.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.4.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": false
              }
            ],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-7083",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7083",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 1.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-7083",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 1.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-7083",
            "trust": 1.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-059",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-7083",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0. Siemens SCALANCE W1750D is prone to following security vulnerabilities:\n1. Multiple information disclosure vulnerabilities\n2. A cross-site-scripting vulnerability\n3. Multiple remote command injection vulnerabilities\nAttackers can exploit these issues to obtain sensitive information, or execute arbitrary commands or arbitrary HTML or script code in the browser of an unsuspecting user within the context of the affected application. This can allow the attacker to steal cookie-based authentication credentials and aid in further attacks. \nVersions prior to SCALANCE W1750D 8.4.0.1 are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7083",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "108374",
        "trust": 2.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-07",
        "trust": 1.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-549547",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-7083",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "id": "VAR-201905-0986",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.13247864
  },
  "last_update_date": "2022-05-04T08:54:09.632000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "ARUBA-PSA-2019-001",
        "trust": 0.8,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-001.txt"
      },
      {
        "title": "SSA-549547",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
      },
      {
        "title": "Aruba Networks Instant Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=98212"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f04f471bbc12c6e00cc683978d7f0589"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/108374"
      },
      {
        "trust": 1.7,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-001.txt"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7083"
      },
      {
        "trust": 1.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-07"
      },
      {
        "trust": 0.9,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7083"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-07"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/alcatel-lucent-enterprise-omniaccess-wlan-instant-multiple-vulnerabilities-28646"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "db": "BID",
        "id": "108374"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108374"
      },
      {
        "date": "2019-06-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "date": "2019-03-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "date": "2019-05-10T17:29:00",
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-20T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-7083"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108374"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      },
      {
        "date": "2019-09-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      },
      {
        "date": "2019-05-20T16:29:00",
        "db": "NVD",
        "id": "CVE-2018-7083"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Aruba Instant Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-015421"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-059"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2019-14686

Vulnerability from cnvd - Published: 2019-05-17

Title

Aruba Instant信息泄露漏洞

Description

Aruba Instant是一款云托管无控制器无线接入点。 Aruba Instant存在信息泄露漏洞。该漏洞源于Aruba Instant中运行的进程在崩溃时可能会留下“核心转储”，其中包含该进程崩溃时进程的内存内容，而“核心转储”的存储方式允许未认证用户通过Aruba Instant Web界面访问，“核心转储”可能包含密钥和密码等敏感信息。

Severity

中

Patch Name

Aruba Instant信息泄露漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt

Reference

https://web.nvd.nist.gov//vuln/detail/CVE-2018-7083

Impacted products

Name
['Aruba Networks Aruba Instant 4.0', 'Aruba Networks Aruba Instant 6.5.0', 'Aruba Networks Aruba Instant 8.3.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-7083",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7083"
    }
  },
  "description": "Aruba Instant\u662f\u4e00\u6b3e\u4e91\u6258\u7ba1\u65e0\u63a7\u5236\u5668\u65e0\u7ebf\u63a5\u5165\u70b9\u3002\n\nAruba Instant\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eAruba Instant\u4e2d\u8fd0\u884c\u7684\u8fdb\u7a0b\u5728\u5d29\u6e83\u65f6\u53ef\u80fd\u4f1a\u7559\u4e0b\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\uff0c\u5176\u4e2d\u5305\u542b\u8be5\u8fdb\u7a0b\u5d29\u6e83\u65f6\u8fdb\u7a0b\u7684\u5185\u5b58\u5185\u5bb9\uff0c\u800c\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\u7684\u5b58\u50a8\u65b9\u5f0f\u5141\u8bb8\u672a\u8ba4\u8bc1\u7528\u6237\u901a\u8fc7Aruba Instant Web\u754c\u9762\u8bbf\u95ee\uff0c\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\u53ef\u80fd\u5305\u542b\u5bc6\u94a5\u548c\u5bc6\u7801\u7b49\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-14686",
  "openTime": "2019-05-17",
  "patchDescription": "Aruba Instant\u662f\u4e00\u6b3e\u4e91\u6258\u7ba1\u65e0\u63a7\u5236\u5668\u65e0\u7ebf\u63a5\u5165\u70b9\u3002\r\n\r\nAruba Instant\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eAruba Instant\u4e2d\u8fd0\u884c\u7684\u8fdb\u7a0b\u5728\u5d29\u6e83\u65f6\u53ef\u80fd\u4f1a\u7559\u4e0b\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\uff0c\u5176\u4e2d\u5305\u542b\u8be5\u8fdb\u7a0b\u5d29\u6e83\u65f6\u8fdb\u7a0b\u7684\u5185\u5b58\u5185\u5bb9\uff0c\u800c\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\u7684\u5b58\u50a8\u65b9\u5f0f\u5141\u8bb8\u672a\u8ba4\u8bc1\u7528\u6237\u901a\u8fc7Aruba Instant Web\u754c\u9762\u8bbf\u95ee\uff0c\u201c\u6838\u5fc3\u8f6c\u50a8\u201d\u53ef\u80fd\u5305\u542b\u5bc6\u94a5\u548c\u5bc6\u7801\u7b49\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Aruba Instant\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e \u7684\u8865\u4e01",
  "products": {
    "product": [
      "Aruba Networks Aruba Instant 4.0",
      "Aruba Networks Aruba Instant 6.5.0",
      "Aruba Networks Aruba Instant 8.3.0"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov//vuln/detail/CVE-2018-7083",
  "serverity": "\u4e2d",
  "submitTime": "2019-05-10",
  "title": "Aruba Instant\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

GSD-2018-7083

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-7083

Aliases

CVE-2018-7083

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-7083",
    "description": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
    "id": "GSD-2018-7083"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7083"
      ],
      "details": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
      "id": "GSD-2018-7083",
      "modified": "2023-12-13T01:22:33.138188Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-alert@hpe.com",
        "ID": "CVE-2018-7083",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Aruba Instant (IAP)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Core dumps are publicly accessible "
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
            "refsource": "CONFIRM",
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
          },
          {
            "name": "108374",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108374"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.5.4.11",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.3.0.6",
                "versionStartIncluding": "8.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.2.4.12",
                "versionStartIncluding": "4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.4.0.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7083"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
            },
            {
              "name": "108374",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/108374"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-05-20T16:29Z",
      "publishedDate": "2019-05-10T17:29Z"
    }
  }
}

FKIE_CVE-2018-7083

Vulnerability from fkie_nvd - Published: 2019-05-10 17:29 - Updated: 2024-11-21 04:11

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security-alert@hpe.com	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt	Vendor Advisory
security-alert@hpe.com	http://www.securityfocus.com/bid/108374
security-alert@hpe.com	https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108374
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf	Third Party Advisory

Impacted products

Vendor	Product	Version
arubanetworks	aruba_instant	*
arubanetworks	aruba_instant	*
arubanetworks	aruba_instant	*
siemens	scalance_w1750d_firmware	*
siemens	scalance_w1750d	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1A7F0E-2967-4FFD-AF10-993F73B29C79",
              "versionEndExcluding": "4.2.4.12",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A8C11A-80E4-4927-8794-92AED47956E7",
              "versionEndExcluding": "6.5.4.11",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3571ED0E-9E35-4B7D-80FD-DDD1FC187995",
              "versionEndExcluding": "8.3.0.6",
              "versionStartIncluding": "8.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AB6855-E124-4F3C-9993-647B4AB1ACBF",
              "versionEndExcluding": "8.4.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC30055-239F-4BB1-B2D1-E5E35F0D8911",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0"
    },
    {
      "lang": "es",
      "value": "Si un proceso que corre dentro de Aruba Instant se bloquea, puede conllevar a un \"volcado de memoria\", que contiene la memoria del proceso en el momento en que se bloque\u00f3. Se descubri\u00f3 que los volcados de memoria se almacenan de manera que los usuarios no autenticados puedan acceder a ellos a trav\u00e9s de la Web Interface de Aruba Instant. Los volcados de datos centrales podr\u00edan contener informaci\u00f3n sensible, como claves y contrase\u00f1as. Soluci\u00f3n alternativa: bloquee el acceso a la Web Interface de Aruba Instant de todos los usuarios que no sean de confianza. Resoluci\u00f3n: corregida en Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6 y 8.4.0.0"
    }
  ],
  "id": "CVE-2018-7083",
  "lastModified": "2024-11-21T04:11:37.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-10T17:29:01.173",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    },
    {
      "source": "security-alert@hpe.com",
      "url": "http://www.securityfocus.com/bid/108374"
    },
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108374"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6CM4-H3CJ-QJV6

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2024-04-04 00:34

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7083"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-10T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "If a process running within Aruba Instant crashes, it may leave behind a \"core dump\", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0",
  "id": "GHSA-6cm4-h3cj-qjv6",
  "modified": "2024-04-04T00:34:59Z",
  "published": "2022-05-24T16:45:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7083"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108374"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

ICSA-19-134-07

Vulnerability from csaf_cisa - Published: 2019-05-14 00:00 - Updated: 2019-05-14 00:00

Summary

Siemens SCALANCE W1750D

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker execute arbitrary commands within the underlying operating system, discover sensitive information, take administrative actions on the device, or expose session cookies for an administrative session.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, and Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-07 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-134-07.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-07 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-07"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-549547: Multiple Vulnerabilites in SCALANCE W1750D - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-549547.txt"
      }
    ],
    "title": "Siemens SCALANCE W1750D",
    "tracking": {
      "current_release_date": "2019-05-14T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-134-07",
      "initial_release_date": "2019-05-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-05-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-134-07 Siemens SCALANCE W1750D"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V8.4.0.1",
                "product": {
                  "name": "SCALANCE W1750D: All versions \u003c V8.4.0.1",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SCALANCE W1750D"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-7084",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability is present that permits an unauthenticated user with access to the web interface of the affected device to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7084"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7083",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists in the affected devices that allows an unauthenticated attacker to access core dumps of previously crashed processes through the web interface of the device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7083"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-16417",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability is present which allows an unauthenticated user to retrieve recently cached configuration commands by sending a crafted URL to the web interface of an affected device.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7082",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability is present in the affected devices that allows an authenticated administrative user to execute arbitrary commands on the underlying operating system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no user interaction. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7082"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected devices that allows an attacker to trick an administrator into clicking a link which could then take administrative actions on the device or expose a session cookie for an administrative session.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires no system privileges. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/us/en/view/109766816/",
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7064"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Restrict access to the web-based management interface to the internal or\nVPN network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Do not browse other websites and do not click on external links while\nbeing authenticated to the administrative web interface.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply appropriate strategies for mitigation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.4.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109766816/ ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/us/en/view/109766816/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-7083 (GCVE-0-2018-7083)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature