VAR-201806-0551
Vulnerability from variot - Updated: 2023-12-18 12:56An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. RSLinx Classic and FactoryTalk Linx Gateway Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RSLinx Classic is a software platform that allows Logix5000 programmable automation controllers to connect to a variety of Rockwell software applications. FactoryTalk Linx Gateway is software that provides an Open Platform Communications (OPC) Unified Architecture (UA) server interface that allows you to pass information from Rockwell software applications to Allen-Bradley controllers. A privilege elevation vulnerability exists in Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway. Local attackers can exploit this issue to gain elevated privileges. The following products and versions are vulnerable: RSLinx Classic Versions 3.90.01 and prior FactoryTalk Linx Gateway Versions 3.90.00 and prior. A successfulattempt would require the local user to be able to insert their code in thesystem root path undetected by the OS or other security applications whereit could potentially be executed during application startup or reboot. Ifsuccessful, the local user's code would execute with the elevated privilegesof the application.Tested on: Microsoft Windows 7 Professional SP1 (EN)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0551",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "rslinx classic",
"scope": "lt",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "3.90.01"
},
{
"model": "factorytalk linx gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "rockwellautomation",
"version": "3.90.00"
},
{
"model": "factorytalk linx gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "3.90.00"
},
{
"model": "rslinx classic",
"scope": "lte",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "3.90.01"
},
{
"model": "automation rslinx classic",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=3.90.01"
},
{
"model": "automation factorytalk linx gateway",
"scope": "lte",
"trust": 0.6,
"vendor": "rockwell",
"version": "\u003c=3.90.00"
},
{
"model": "automation rslinx classic",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "3.90.01"
},
{
"model": "automation rslinx classic",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "3.73.00"
},
{
"model": "automation rslinx classic",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "3.72.00"
},
{
"model": "automation factorytalk linx gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "3.90"
},
{
"model": "automation rslinx classic",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "4.00.01"
},
{
"model": "automation factorytalk linx gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "rslinx classic",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "factorytalk linx gateway",
"version": "*"
},
{
"model": "rslinx classic and factorytalk linx gateway privilege escalation",
"scope": "eq",
"trust": 0.1,
"vendor": "rockwell automation",
"version": "rockwell automation rslinx classic 3.90.01"
},
{
"model": "rslinx classic and factorytalk linx gateway privilege escalation",
"scope": "eq",
"trust": 0.1,
"vendor": "rockwell automation",
"version": "rockwell automation rslinx classic 3.73.00"
},
{
"model": "rslinx classic and factorytalk linx gateway privilege escalation",
"scope": "eq",
"trust": 0.1,
"vendor": "rockwell automation",
"version": "rockwell automation rslinx classic 3.72.00"
},
{
"model": "rslinx classic and factorytalk linx gateway privilege escalation",
"scope": "eq",
"trust": 0.1,
"vendor": "rockwell automation",
"version": "rockwell automation rslinx classic 2.58.00"
},
{
"model": "rslinx classic and factorytalk linx gateway privilege escalation",
"scope": "eq",
"trust": 0.1,
"vendor": "rockwell automation",
"version": "rockwell automation factorytalk linx gateway 3.90.00"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "BID",
"id": "104415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:rslinx_classic:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.90.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rockwellautomation:factorytalk_linx_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.90.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10619"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gjoko Krstic of Zero Science Lab",
"sources": [
{
"db": "BID",
"id": "104415"
}
],
"trust": 0.3
},
"cve": "CVE-2018-10619",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-10619",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2018-12106",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-120396",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10619",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-10619",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-12106",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-378",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "ZSL",
"id": "ZSL-2018-5473",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "VULHUB",
"id": "VHN-120396",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-10619",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. RSLinx Classic and FactoryTalk Linx Gateway Contains vulnerabilities related to unquoted search paths or elements.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. RSLinx Classic is a software platform that allows Logix5000 programmable automation controllers to connect to a variety of Rockwell software applications. FactoryTalk Linx Gateway is software that provides an Open Platform Communications (OPC) Unified Architecture (UA) server interface that allows you to pass information from Rockwell software applications to Allen-Bradley controllers. A privilege elevation vulnerability exists in Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway. \nLocal attackers can exploit this issue to gain elevated privileges. \nThe following products and versions are vulnerable:\nRSLinx Classic Versions 3.90.01 and prior\nFactoryTalk Linx Gateway Versions 3.90.00 and prior. A successfulattempt would require the local user to be able to insert their code in thesystem root path undetected by the OS or other security applications whereit could potentially be executed during application startup or reboot. Ifsuccessful, the local user\u0027s code would execute with the elevated privilegesof the application.Tested on: Microsoft Windows 7 Professional SP1 (EN)",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "BID",
"id": "104415"
},
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/rslinx_eop.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-120396",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44892",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10619",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-18-158-01",
"trust": 3.6
},
{
"db": "BID",
"id": "104415",
"trust": 2.2
},
{
"db": "EXPLOIT-DB",
"id": "44892",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-12106",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "148187",
"trust": 0.2
},
{
"db": "IVD",
"id": "E2F504CF-39AB-11E9-84C3-000C29342CB1",
"trust": 0.2
},
{
"db": "CXSECURITY",
"id": "WLB-2018060148",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2018-5473",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-98944",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-120396",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-10619",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"db": "BID",
"id": "104415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"id": "VAR-201806-0551",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "VULHUB",
"id": "VHN-120396"
}
],
"trust": 1.5017156850000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
}
]
},
"last_update_date": "2023-12-18T12:56:54.296000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RSLinx",
"trust": 0.8,
"url": "https://www.rockwellautomation.com/rockwellsoftware/products/rslinx.page"
},
{
"title": "Patch for Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/132831"
},
{
"title": "Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80730"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-428",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-158-01"
},
{
"trust": 2.0,
"url": "https://www.exploit-db.com/exploits/44892/"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/104415"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10619"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10619"
},
{
"trust": 0.3,
"url": "http://www.rockwellautomation.com/"
},
{
"trust": 0.1,
"url": "https://compatibility.rockwellautomation.com/pages/multiproductdownload.aspx?crumb=112"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10619"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/148187"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2018060148"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144534"
},
{
"trust": 0.1,
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073800"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/428.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"db": "BID",
"id": "104415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"db": "VULHUB",
"id": "VHN-120396"
},
{
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"db": "BID",
"id": "104415"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-10T00:00:00",
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"date": "2018-06-26T00:00:00",
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"date": "2018-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"date": "2018-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-120396"
},
{
"date": "2018-06-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"date": "2018-06-07T00:00:00",
"db": "BID",
"id": "104415"
},
{
"date": "2018-08-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"date": "2018-06-07T20:29:00.213000",
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"date": "2018-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-22T00:00:00",
"db": "ZSL",
"id": "ZSL-2018-5473"
},
{
"date": "2018-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-12106"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-120396"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10619"
},
{
"date": "2018-06-07T00:00:00",
"db": "BID",
"id": "104415"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006270"
},
{
"date": "2019-10-09T23:32:56.057000",
"db": "NVD",
"id": "CVE-2018-10619"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "104415"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RSLinx Classic and FactoryTalk Linx Gateway Vulnerabilities related to unquoted search paths or elements",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006270"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code problem",
"sources": [
{
"db": "IVD",
"id": "e2f504cf-39ab-11e9-84c3-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-378"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…