VAR-201812-0459
Vulnerability from variot - Updated: 2023-12-18 12:00A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to cause a Denial-of-Service condition of the VNC server. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. 2. An integer overflow vulnerability. 3. A security bypass vulnerability. 4. An arbitrary code execution vulnerability. 5. Multiple privilege escalation vulnerabilities. 6. A stack based buffer-overflow vulnerability. 7. A buffer-overflow vulnerability. 8. Multiple denial-of-service vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0459",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinumerik 840d sl",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 828d",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 840d sl",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 840d sp6 hf5",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": "sinumerik 840d sp3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.8"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "sinumerik 840d sl",
"version": "*"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 808d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 840d sl sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.8"
},
{
"model": "sinumerik 840d sl sp6 hf5",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinumerik 828d sp6 hf1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinumerik 828d",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_828d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_828d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinumerik_840d_sl_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinumerik_840d_sl:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11464"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anton Kalinin, Danila Parnishchev, Dmitry Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "106185"
}
],
"trust": 0.3
},
"cve": "CVE-2018-11464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-11464",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-25421",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-121326",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 3.7,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-11464",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-11464",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2018-25421",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-605",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-121326",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions \u003c V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions \u003c V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions \u003c V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to cause a Denial-of-Service condition of the VNC server. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known. SINUMERIK 828D and SINUMERIK 840D sl Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SINUMERIK 808D is a CNC machine system controller from Siemens AG. Security vulnerabilities exist in several Siemens products. A heap based buffer-overflow vulnerability. \n2. An integer overflow vulnerability. \n3. A security bypass vulnerability. \n4. An arbitrary code execution vulnerability. \n5. Multiple privilege escalation vulnerabilities. \n6. A stack based buffer-overflow vulnerability. \n7. A buffer-overflow vulnerability. \n8. Multiple denial-of-service vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, gain host privileges and perform unauthorized actions, to modify or destroy data without having proper authorization to do so, to bypass security restrictions or cause a denial-of-service condition. Siemens SINUMERIK 808D, etc",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-121326"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-11464",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-170881",
"trust": 2.6
},
{
"db": "BID",
"id": "106185",
"trust": 2.0
},
{
"db": "ICS CERT",
"id": "ICSA-18-345-02",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2018-25421",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D8171B0-463F-11E9-8D83-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-121326",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"id": "VAR-201812-0459",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
}
],
"trust": 1.7086762260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
}
]
},
"last_update_date": "2023-12-18T12:00:50.895000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-170881",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"title": "Patches for multiple Siemens product denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/147349"
},
{
"title": "Multiple Siemens Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87849"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-170881.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106185"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-345-02"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11464"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-11464"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
},
{
"trust": 0.3,
"url": "https://www.industry.siemens.com/topics/global/en/cnc4you/cnc_downloads/sinutrain_downloads/pages/sinutrain_downloads.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"db": "VULHUB",
"id": "VHN-121326"
},
{
"db": "BID",
"id": "106185"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "IVD",
"id": "7d8171b0-463f-11e9-8d83-000c29342cb1"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"date": "2018-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121326"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"date": "2018-12-12T16:29:00.590000",
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-25421"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121326"
},
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106185"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013112"
},
{
"date": "2019-10-09T23:33:33.947000",
"db": "NVD",
"id": "CVE-2018-11464"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINUMERIK 828D and SINUMERIK 840D sl Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013112"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-605"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…