VAR-201806-0573
Vulnerability from variot - Updated: 2023-12-18 12:50Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. GE MDS PulseNET and MDS PulseNET Enterprise Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The interface is not sufficiently protected from low-privileged users. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of the CommandLineService web service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code under the context of the current web service. GE MDS PulseNET and MDS PulseNET Enterprise are products of General Electric (GE). GE MDS PulseNET is a suite of network management software designed for radio communication systems. Attackers can exploit these issue to bypass the authentication mechanism, use a specially crafted request with directory-traversal sequences ('../') to access or read arbitrary files that contain sensitive information, or to cause a denial-of-service condition. The following products and versions are vulnerable: PulseNET Version 3.2.1 and prior PulseNET Enterprise Version 3.2.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0573",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mds pulsenet",
"scope": null,
"trust": 3.5,
"vendor": "ge",
"version": null
},
{
"model": "mds pulsenet",
"scope": "lte",
"trust": 1.0,
"vendor": "ge",
"version": "3.2.1"
},
{
"model": "mds pulsenet",
"scope": "eq",
"trust": 0.9,
"vendor": "ge",
"version": "3.2.1"
},
{
"model": "mds pulsenet",
"scope": "lte",
"trust": 0.8,
"vendor": "general electric",
"version": "3.2.1"
},
{
"model": "mds pulsenet",
"scope": "lte",
"trust": 0.8,
"vendor": "general electric",
"version": "enterprise 3.2.1"
},
{
"model": "mds pulsenet enterprise",
"scope": "lte",
"trust": 0.6,
"vendor": "ge",
"version": "\u003c=3.2.1"
},
{
"model": "mds pulsenet",
"scope": "lte",
"trust": 0.6,
"vendor": "ge",
"version": "\u003c=3.2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "mds pulsenet",
"version": "*"
},
{
"model": "mds pulsenet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3.2.1"
},
{
"model": "mds pulsenet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3.1.5"
},
{
"model": "mds pulsenet enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3.1.3"
},
{
"model": "mds pulsenet",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3.1.5"
},
{
"model": "mds pulsenet",
"scope": "eq",
"trust": 0.3,
"vendor": "ge",
"version": "3.1.3"
},
{
"model": "mds pulsenet enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "4.1"
},
{
"model": "mds pulsenet",
"scope": "ne",
"trust": 0.3,
"vendor": "ge",
"version": "4.1"
}
],
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "BID",
"id": "104377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10611"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "BID",
"id": "104377"
}
],
"trust": 3.8
},
"cve": "CVE-2018-10611",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-10611",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 3.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2018-10611",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11074",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10611",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2018-10611",
"trust": 2.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-10611",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2018-10611",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-11074",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-269",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. GE MDS PulseNET and MDS PulseNET Enterprise Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The interface is not sufficiently protected from low-privileged users. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of the CommandLineService web service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code under the context of the current web service. GE MDS PulseNET and MDS PulseNET Enterprise are products of General Electric (GE). GE MDS PulseNET is a suite of network management software designed for radio communication systems. \nAttackers can exploit these issue to bypass the authentication mechanism, use a specially crafted request with directory-traversal sequences (\u0027../\u0027) to access or read arbitrary files that contain sensitive information, or to cause a denial-of-service condition. \nThe following products and versions are vulnerable:\nPulseNET Version 3.2.1 and prior\nPulseNET Enterprise Version 3.2.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "BID",
"id": "104377"
},
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
}
],
"trust": 5.76
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10611",
"trust": 7.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-151-02",
"trust": 3.3
},
{
"db": "BID",
"id": "104377",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2018-11074",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5575",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-550",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5591",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-551",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5535",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-547",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5536",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-548",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5537",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-549",
"trust": 0.7
},
{
"db": "IVD",
"id": "E2F21E9F-39AB-11E9-92FE-000C29342CB1",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "BID",
"id": "104377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"id": "VAR-201806-0573",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
}
],
"trust": 1.5232143
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
}
]
},
"last_update_date": "2023-12-18T12:50:44.337000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "GE has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-151-02"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.ge.com/"
},
{
"title": "Patch for GE MDS PulseNET and MDS PulseNET Enterprise Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/131449"
},
{
"title": "GE MDS PulseNET and MDS PulseNET Enterprise Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80555"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 6.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-151-02"
},
{
"trust": 2.2,
"url": "http://www.gegridsolutions.com/app/downloadfile.aspx?prod=pulsenet\u0026type=9\u0026file=1"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104377"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10611"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10611"
},
{
"trust": 0.3,
"url": "http://www.ge.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "BID",
"id": "104377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"db": "BID",
"id": "104377"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-07T00:00:00",
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"date": "2018-06-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"date": "2018-05-31T00:00:00",
"db": "BID",
"id": "104377"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"date": "2018-06-04T14:29:00.203000",
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"date": "2018-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-550"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-551"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-547"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-548"
},
{
"date": "2018-06-06T00:00:00",
"db": "ZDI",
"id": "ZDI-18-549"
},
{
"date": "2018-06-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11074"
},
{
"date": "2018-05-31T00:00:00",
"db": "BID",
"id": "104377"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006279"
},
{
"date": "2019-10-09T23:32:54.963000",
"db": "NVD",
"id": "CVE-2018-10611"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE MDS PulseNET and MDS PulseNET Enterprise Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "e2f21e9f-39ab-11e9-92fe-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-11074"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-269"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…