VAR-201509-0299
Vulnerability from variot - Updated: 2023-12-18 12:20Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname. Authentication is not required to exploit this vulnerability.The specific flaw exists within the FileDownloadServlet. By specifying a filename including directory traversal, an attacker can read and then delete an arbitrary file on the system. The read and subsequent deletion will be performed under the context of SYSTEM. GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise are products of General Electric (GE). GE Digital Energy MDS PulseNET is a software application for monitoring industrial communications network equipment. MDS PulseNET Enterprise is one of the enterprise editions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mds pulsenet",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "3.1.3"
},
{
"model": "mds pulsenet",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "3.1.5"
},
{
"model": "mds pulsenet",
"scope": "lt",
"trust": 0.8,
"vendor": "general electric",
"version": "enterprise 3.1.5"
},
{
"model": "mds pulsenet",
"scope": null,
"trust": 0.7,
"vendor": "ge",
"version": null
},
{
"model": "mds pulsenet",
"scope": null,
"trust": 0.6,
"vendor": "general electric",
"version": null
},
{
"model": "mds pulsenet",
"scope": "eq",
"trust": 0.6,
"vendor": "ge",
"version": "3.1.3"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6459"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi (rgod)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6459",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6459",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6459",
"impactScore": 9.2,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.4,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-06254",
"impactScore": 9.2,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6459",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2015-6459",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-06254",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-379",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname. Authentication is not required to exploit this vulnerability.The specific flaw exists within the FileDownloadServlet. By specifying a filename including directory traversal, an attacker can read and then delete an arbitrary file on the system. The read and subsequent deletion will be performed under the context of SYSTEM. GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise are products of General Electric (GE). GE Digital Energy MDS PulseNET is a software application for monitoring industrial communications network equipment. MDS PulseNET Enterprise is one of the enterprise editions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "BID",
"id": "76756"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6459",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-15-258-03",
"trust": 3.0
},
{
"db": "ZDI",
"id": "ZDI-15-439",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2906",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-06254",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379",
"trust": 0.6
},
{
"db": "BID",
"id": "76756",
"trust": 0.3
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "BID",
"id": "76756"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"id": "VAR-201509-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06254"
}
],
"trust": 1.1714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06254"
}
]
},
"last_update_date": "2023-12-18T12:20:46.625000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MDS PulseNet Support Documents",
"trust": 0.8,
"url": "http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet\u0026type=9"
},
{
"title": "GE has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-258-03"
},
{
"title": "Patch for GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise Absolute Path Traversal Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/64557"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-258-03"
},
{
"trust": 2.2,
"url": "http://zerodayinitiative.com/advisories/zdi-15-439/"
},
{
"trust": 1.6,
"url": "http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet\u0026type=9"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6459"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6459"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "BID",
"id": "76756"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"date": "2015-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"date": "2015-09-15T00:00:00",
"db": "BID",
"id": "76756"
},
{
"date": "2015-09-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"date": "2015-09-18T22:59:07.013000",
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"date": "2015-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-16T00:00:00",
"db": "ZDI",
"id": "ZDI-15-439"
},
{
"date": "2015-09-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"date": "2015-11-03T19:14:00",
"db": "BID",
"id": "76756"
},
{
"date": "2015-09-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004925"
},
{
"date": "2015-09-23T18:53:12.897000",
"db": "NVD",
"id": "CVE-2015-6459"
},
{
"date": "2015-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise Absolute Path Traversal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-06254"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-379"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…