var-201808-0436
Vulnerability from variot

Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. Crestron TSW-X60 and MC3 Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to escalate privileges on affected installations of all Crestron products. Authentication is required to exploit this vulnerability.The specific flaw exists within the two built-in accounts on all Crestron devices. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator. Crestron TSW-X60 and MC3 are prone to the following multiple security vulnerabilities: 1. Multiple OS command-injection vulnerabilities. 2. An access-bypass vulnerability. 3. A security-bypass vulnerability. Attackers can exploit these issues to execute arbitrary OS commands and bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201808-0436",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mc3",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "crestron",
        "version": "1.502.0047.00"
      },
      {
        "model": "tsw-x60",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "crestron",
        "version": "2.001.0037.001"
      },
      {
        "model": "tsw-760",
        "scope": null,
        "trust": 0.7,
        "vendor": "crestron",
        "version": null
      },
      {
        "model": "tsw-x60",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "crestron",
        "version": "0"
      },
      {
        "model": "mc3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "crestron",
        "version": "0"
      },
      {
        "model": "tsw-x60",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "crestron",
        "version": "2.001.0037.001"
      },
      {
        "model": "mc3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "crestron",
        "version": "1.502.0047.001"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "BID",
        "id": "105051"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:crestron:tsw-x60_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.001.0037.001",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-560-nc-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-560-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-760-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-760-nc-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-1060-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-1060-nc-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-1060-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-560-nc-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-760-nc-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-1060-nc-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-560-b-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:tsw-760-w-s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:crestron:mc3_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.502.0047.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:mc3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ricky \"HeadlessZeke\" Lawshae",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-13341",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-13341",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2018-13341",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-13341",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-13341",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-13341",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201808-286",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-13341",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. Crestron TSW-X60 and MC3 Contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to escalate privileges on affected installations of all Crestron products. Authentication is required to exploit this vulnerability.The specific flaw exists within the two built-in accounts on all Crestron devices. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator. Crestron TSW-X60 and MC3 are prone to the following multiple security vulnerabilities:\n1. Multiple OS command-injection vulnerabilities. \n2. An access-bypass vulnerability. \n3. A security-bypass vulnerability. \nAttackers can exploit these issues to execute arbitrary OS commands and bypass certain security restrictions, perform unauthorized actions, or gain sensitive information within the context of the affected system. Failed exploit attempts will likely result in denial of service conditions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "BID",
        "id": "105051"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-13341",
        "trust": 3.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-221-01",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "105051",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-6160",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-18-920",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "db": "BID",
        "id": "105051"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "id": "VAR-201808-0436",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.43382353
  },
  "last_update_date": "2023-12-18T12:43:54.687000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.crestron.com/"
      },
      {
        "title": "Crestron has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-01"
      },
      {
        "title": "Crestron TSW-X60  and MC3 Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=83912"
      },
      {
        "title": "CVE-2018-13341",
        "trust": 0.1,
        "url": "https://github.com/rajchowdhury420/cve-2018-13341 "
      },
      {
        "title": "crestron_getsudopwd",
        "trust": 0.1,
        "url": "https://github.com/axcheron/crestron_getsudopwd "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/khulnasoft-lab/awesome-security "
      },
      {
        "title": "CVE-POC",
        "trust": 0.1,
        "url": "https://github.com/0xt11/cve-poc "
      },
      {
        "title": "PoC-in-GitHub",
        "trust": 0.1,
        "url": "https://github.com/nomi-sec/poc-in-github "
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-255",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-221-01"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105051"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13341"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13341"
      },
      {
        "trust": 0.3,
        "url": "https://www.crestron.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/rajchowdhury420/cve-2018-13341"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/axcheron/crestron_getsudopwd"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "db": "BID",
        "id": "105051"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "db": "BID",
        "id": "105051"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-08-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "date": "2018-08-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "date": "2018-08-09T00:00:00",
        "db": "BID",
        "id": "105051"
      },
      {
        "date": "2018-11-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "date": "2018-08-10T19:29:00.380000",
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "date": "2018-08-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-08-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-18-920"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-13341"
      },
      {
        "date": "2018-08-09T00:00:00",
        "db": "BID",
        "id": "105051"
      },
      {
        "date": "2018-11-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      },
      {
        "date": "2019-10-03T00:03:26.223000",
        "db": "NVD",
        "id": "CVE-2018-13341"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Crestron TSW-X60 and  MC3 Vulnerabilities related to certificate and password management",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-009259"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201808-286"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.