Details of VAR-201803-1842

ID

VAR-201803-1842

CVE

CVE-2018-7235

TITLE

Schneider Electric Pelco Sarix Professional Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002613

DESCRIPTION

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of the shell meta characters with the value of 'system.download.sd_file'. Schneider Electric Pelco Sarix Professional Contains an input validation vulnerability.Information may be obtained. SchneiderElectricPelcoSarixProfessional is a video surveillance device from Schneider Electric, France. An attacker could exploit this vulnerability to download arbitrary files

Trust: 2.16

sources: NVD: CVE-2018-7235 // JVNDB: JVNDB-2018-002613 // CNVD: CNVD-2018-05329

IOT TAXONOMY

category:

['ICS', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-05329

AFFECTED PRODUCTS

vendor:	schneider electric	model:	imp519-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	mps110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	ibps110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imp1110-1	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imps110-1e	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric pelco sarix professional	scope:	lt	version:	3.29.67	Trust: 0.6

sources: CNVD: CNVD-2018-05329 // JVNDB: JVNDB-2018-002613 // NVD: CVE-2018-7235

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7235
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7235
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-05329
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201803-052
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2018-7235
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-05329
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-7235
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2018-7235
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-05329 // JVNDB: JVNDB-2018-002613 // CNNVD: CNNVD-201803-052 // NVD: CVE-2018-7235

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2018-002613 // NVD: CVE-2018-7235

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-052

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201803-052

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002613

PATCH

title:	SEVD-2018-058-01	url:	https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=9607912128&p_File_Name=SEVD-2018-058-01+Pelco+Sarix+Professional+V1.2.pdf&p_Doc_Ref=SEVD-2018-058-01	Trust: 0.8
title:	SchneiderElectricPelcoSarixProfessional patch for arbitrary file download vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/121575	Trust: 0.6
title:	Schneider Electric Pelco Sarix Professional Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78846	Trust: 0.6

sources: CNVD: CNVD-2018-05329 // JVNDB: JVNDB-2018-002613 // CNNVD: CNNVD-201803-052

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7235	Trust: 3.0
db:	SCHNEIDER	id:	SEVD-2018-058-01	Trust: 1.6
db:	JVNDB	id:	JVNDB-2018-002613	Trust: 0.8
db:	CNVD	id:	CNVD-2018-05329	Trust: 0.6
db:	CNNVD	id:	CNNVD-201803-052	Trust: 0.6

sources: CNVD: CNVD-2018-05329 // JVNDB: JVNDB-2018-002613 // CNNVD: CNNVD-201803-052 // NVD: CVE-2018-7235

REFERENCES

url:	https://www.schneider-electric.com/en/download/document/sevd-2018-058-01/	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7235	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7235	Trust: 0.8

sources: CNVD: CNVD-2018-05329 // JVNDB: JVNDB-2018-002613 // CNNVD: CNNVD-201803-052 // NVD: CVE-2018-7235

SOURCES

db:	CNVD	id:	CNVD-2018-05329
db:	JVNDB	id:	JVNDB-2018-002613
db:	CNNVD	id:	CNNVD-201803-052
db:	NVD	id:	CVE-2018-7235

LAST UPDATE DATE

2024-11-23T21:39:29.324000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-05329	date:	2018-03-15T00:00:00
db:	JVNDB	id:	JVNDB-2018-002613	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-052	date:	2022-02-07T00:00:00
db:	NVD	id:	CVE-2018-7235	date:	2024-11-21T04:11:50.730

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-05329	date:	2018-03-15T00:00:00
db:	JVNDB	id:	JVNDB-2018-002613	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-052	date:	2018-03-01T00:00:00
db:	NVD	id:	CVE-2018-7235	date:	2018-03-09T23:29:00.763