Sign-up

ID

VAR-201509-0298


CVE

CVE-2015-6456


TITLE

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise Vulnerabilities that gain management access

Trust: 0.8

sources: JVNDB: JVNDB-2015-004924

DESCRIPTION

GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials for a support account, which allows remote attackers to obtain administrative access, and consequently execute arbitrary code, by leveraging knowledge of the password. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlBy using password information, a third party can gain administrative access and, as a result, execute arbitrary code. Authentication is required to exploit this vulnerability but it can bypassed using static credentials. The specific flaw exists within the PulseNET web service. It contains a hidden support account, with static credentials, that gives full access. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise are products of General Electric (GE). GE Digital Energy MDS PulseNET is a software application for monitoring industrial communications network equipment. MDS PulseNET Enterprise is one of the enterprise editions. Multiple GE MDS PulseNET products are prone to a directory-traversal vulnerability and a security-bypass vulnerability Attackers can exploit these issue to bypass the authentication mechanism and gain access or to read and delete arbitrary files in the context of the application. This may aid in further attacks

Trust: 3.06

sources: NVD: CVE-2015-6456 // JVNDB: JVNDB-2015-004924 // ZDI: ZDI-15-440 // CNVD: CNVD-2015-06255 // BID: 76756

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-06255

AFFECTED PRODUCTS

vendor:gemodel:mds pulsenetscope:lteversion:3.1.3

Trust: 1.0

vendor:general electricmodel:mds pulsenetscope:ltversion:3.1.5

Trust: 0.8

vendor:general electricmodel:mds pulsenetscope:ltversion:enterprise 3.1.5

Trust: 0.8

vendor:gemodel:mds pulsenetscope: - version: -

Trust: 0.7

vendor:general electricmodel:mds pulsenetscope: - version: -

Trust: 0.6

vendor:gemodel:mds pulsenetscope:eqversion:3.1.3

Trust: 0.6

sources: ZDI: ZDI-15-440 // CNVD: CNVD-2015-06255 // JVNDB: JVNDB-2015-004924 // CNNVD: CNNVD-201509-378 // NVD: CVE-2015-6456

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6456
value: HIGH

Trust: 1.0

NVD: CVE-2015-6456
value: HIGH

Trust: 0.8

ZDI: CVE-2015-6456
value: HIGH

Trust: 0.7

CNVD: CNVD-2015-06255
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201509-378
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2015-6456
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

CNVD: CNVD-2015-06255
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: ZDI: ZDI-15-440 // CNVD: CNVD-2015-06255 // JVNDB: JVNDB-2015-004924 // CNNVD: CNNVD-201509-378 // NVD: CVE-2015-6456

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2015-004924 // NVD: CVE-2015-6456

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-378

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 76756

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-004924

PATCH
title:MDS PulseNet Support Documentsurl:http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet&type=9
Trust: 0.8
title:GE has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-15-258-03
Trust: 0.7
title:Patch for GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise Remote Code Execution Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/64556
Trust: 0.6
sources:
            
            
            ZDI: ZDI-15-440 // 
            
            
            
            CNVD: CNVD-2015-06255 // 
            
            
            
            JVNDB: JVNDB-2015-004924

EXTERNAL IDS
db:NVDid:CVE-2015-6456
Trust: 4.0
db:ICS CERTid:ICSA-15-258-03
Trust: 3.0
db:ZDIid:ZDI-15-440
Trust: 2.9
db:JVNDBid:JVNDB-2015-004924
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2922
Trust: 0.7
db:CNVDid:CNVD-2015-06255
Trust: 0.6
db:CNNVDid:CNNVD-201509-378
Trust: 0.6
db:BIDid:76756
Trust: 0.3
sources:
            
            
            ZDI: ZDI-15-440 // 
            
            
            
            CNVD: CNVD-2015-06255 // 
            
            
            
            BID: 76756 // 
            
            
            
            JVNDB: JVNDB-2015-004924 // 
            
            
            
            CNNVD: CNNVD-201509-378 // 
            
            
            
            NVD: CVE-2015-6456

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-258-03
Trust: 3.7
url:http://zerodayinitiative.com/advisories/zdi-15-440/
Trust: 2.2
url:http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet&type=9
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6456
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6456
Trust: 0.8
sources:
            
            
            ZDI: ZDI-15-440 // 
            
            
            
            CNVD: CNVD-2015-06255 // 
            
            
            
            JVNDB: JVNDB-2015-004924 // 
            
            
            
            CNNVD: CNNVD-201509-378 // 
            
            
            
            NVD: CVE-2015-6456

CREDITS
Andrea Micalizzi (rgod)
Trust: 0.7
sources:
            
            
            ZDI: ZDI-15-440

SOURCES
db:ZDIid:ZDI-15-440
db:CNVDid:CNVD-2015-06255
db:BIDid:76756
db:JVNDBid:JVNDB-2015-004924
db:CNNVDid:CNNVD-201509-378
db:NVDid:CVE-2015-6456

LAST UPDATE DATE
2025-04-13T23:25:12.453000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-15-440date:2015-09-16T00:00:00
db:CNVDid:CNVD-2015-06255date:2015-09-29T00:00:00
db:BIDid:76756date:2015-11-03T19:14:00
db:JVNDBid:JVNDB-2015-004924date:2015-09-29T00:00:00
db:CNNVDid:CNNVD-201509-378date:2015-09-21T00:00:00
db:NVDid:CVE-2015-6456date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZDIid:ZDI-15-440date:2015-09-16T00:00:00
db:CNVDid:CNVD-2015-06255date:2015-09-29T00:00:00
db:BIDid:76756date:2015-09-15T00:00:00
db:JVNDBid:JVNDB-2015-004924date:2015-09-29T00:00:00
db:CNNVDid:CNNVD-201509-378date:2015-09-21T00:00:00
db:NVDid:CVE-2015-6456date:2015-09-18T22:59:05.483