VAR-201803-2155
Vulnerability from variot - Updated: 2023-12-18 13:28A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module DNP3 variant (All versions < V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions < V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. plural Siemens The product contains an access control vulnerability.Information may be tampered with. SIPROTEC 4, SIPROTEC Compact and Reyrolle equipment offer a wide range of centralized protection, control and automation functions for substations and other applications. Multiple Siemens EN100 Ethernet Modules are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. A security vulnerability exists in the web interface (TCP/80) in several Siemens products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-2155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "en100 ethernet module modbus tcp",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module iec 104",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module profinet io",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module dnp3",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module iec 61850",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.30"
},
{
"model": "en100 ethernet module dnp3",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module iec 104",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module iec 61850",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module modbus tcp",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "en100 ethernet module profinet io",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "iec",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "61850\u003cv4.30"
},
{
"model": "profinet io",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "modbus tcp",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "dnp3",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "iec",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "104"
},
{
"model": "siprotec compact",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "siprotec",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "40"
},
{
"model": "reyrolle",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "en100 ethernet module profinet io",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "en100 ethernet module modbus tcp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "en100 ethernet module iec",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "618500"
},
{
"model": "en100 ethernet module iec",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1040"
},
{
"model": "en100 ethernet module dnp3",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "en100 ethernet module iec",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "618504.30"
},
{
"model": "iec siemens profinet io *siemens modbus tcp *siemens dnp3 *siemens iec",
"scope": "eq",
"trust": 0.2,
"vendor": "siemens",
"version": "61850104"
}
],
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "BID",
"id": "103379"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:en100_ethernet_module_iec_61850_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:en100_ethernet_module_iec_61850:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4838"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ilya Karpov and Alexey Stennikov from Positive Technologies",
"sources": [
{
"db": "BID",
"id": "103379"
}
],
"trust": 0.3
},
"cve": "CVE-2018-4838",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-4838",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-04834",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-134869",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-4838",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4838",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-04834",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-230",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134869",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "VULHUB",
"id": "VHN-134869"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in EN100 Ethernet module IEC 61850 variant (All versions \u003c V4.30), EN100 Ethernet module DNP3 variant (All versions \u003c V1.04), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions \u003c V1.22). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. plural Siemens The product contains an access control vulnerability.Information may be tampered with. SIPROTEC 4, SIPROTEC Compact and Reyrolle equipment offer a wide range of centralized protection, control and automation functions for substations and other applications. Multiple Siemens EN100 Ethernet Modules are prone to an authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. A security vulnerability exists in the web interface (TCP/80) in several Siemens products",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "BID",
"id": "103379"
},
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-134869"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4838",
"trust": 3.6
},
{
"db": "BID",
"id": "103379",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-845879",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-067-02",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-18-067-01",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-04834",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719",
"trust": 0.8
},
{
"db": "IVD",
"id": "E2E52650-39AB-11E9-AD8D-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-134869",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "VULHUB",
"id": "VHN-134869"
},
{
"db": "BID",
"id": "103379"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"id": "VAR-201803-2155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "VULHUB",
"id": "VHN-134869"
}
],
"trust": 1.6314814666666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
}
]
},
"last_update_date": "2023-12-18T13:28:58.709000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-845879",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
},
{
"title": "Patches for unauthorized operating vulnerabilities in multiple Siemens products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/120859"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78966"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134869"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
},
{
"trust": 1.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-067-02"
},
{
"trust": 1.7,
"url": "https://www.securityfocus.com/bid/103379"
},
{
"trust": 1.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-067-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4838"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4838"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "VULHUB",
"id": "VHN-134869"
},
{
"db": "BID",
"id": "103379"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"db": "VULHUB",
"id": "VHN-134869"
},
{
"db": "BID",
"id": "103379"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-09T00:00:00",
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"date": "2018-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"date": "2018-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134869"
},
{
"date": "2018-03-08T00:00:00",
"db": "BID",
"id": "103379"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"date": "2018-03-08T17:29:00.210000",
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"date": "2018-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04834"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134869"
},
{
"date": "2018-03-08T00:00:00",
"db": "BID",
"id": "103379"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002719"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-4838"
},
{
"date": "2019-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Siemens Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002719"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access control error",
"sources": [
{
"db": "IVD",
"id": "e2e52650-39ab-11e9-ad8d-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-230"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…