Details of VAR-201803-1848

ID

VAR-201803-1848

CVE

CVE-2018-7228

TITLE

Schneider Electric Pelco Sarix Professional Authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002606

DESCRIPTION

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and get the administrator privileges. Schneider Electric Pelco Sarix Professional Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SchneiderElectricPelcoSarixProfessional is a video surveillance device from Schneider Electric, France. A security vulnerability exists in SchneiderElectricPelcoSarixProfessional with firmware prior to 3.25.67. Schneider Pelco Sarix Professional is prone to an unspecified authentication-bypass vulnerability. Versions prior to Schneider Electric Pelco Sarix Professional 03.29.67 are vulnerable

Trust: 2.43

sources: NVD: CVE-2018-7228 // JVNDB: JVNDB-2018-002606 // CNVD: CNVD-2018-05321 // BID: 103471

IOT TAXONOMY

category:

['ICS', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-05321

AFFECTED PRODUCTS

vendor:	schneider electric	model:	imp519-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	mps110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	ibps110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imp1110-1	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imps110-1e	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric pelco sarix professional	scope:	lt	version:	3.29.67	Trust: 0.6
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.65	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.63	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.59	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.51	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	ne	version:	03.29.67	Trust: 0.3

sources: CNVD: CNVD-2018-05321 // BID: 103471 // JVNDB: JVNDB-2018-002606 // NVD: CVE-2018-7228

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7228
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-7228
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-05321
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-045
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2018-7228
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-05321
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-7228
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2018-7228
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-05321 // JVNDB: JVNDB-2018-002606 // CNNVD: CNNVD-201803-045 // NVD: CVE-2018-7228

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2018-002606 // NVD: CVE-2018-7228

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-045

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201803-045

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002606

PATCH

title:	SEVD-2018-058-01	url:	https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=9607912128&p_File_Name=SEVD-2018-058-01+Pelco+Sarix+Professional+V1.2.pdf&p_Doc_Ref=SEVD-2018-058-01	Trust: 0.8
title:	Patch for SchneiderElectricPelcoSarixProfessional Privilege Escalation Vulnerability (CNVD-2018-05321)	url:	https://www.cnvd.org.cn/patchInfo/show/121559	Trust: 0.6
title:	Schneider Electric Pelco Sarix Professional Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78839	Trust: 0.6

sources: CNVD: CNVD-2018-05321 // JVNDB: JVNDB-2018-002606 // CNNVD: CNNVD-201803-045

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7228	Trust: 3.3
db:	SCHNEIDER	id:	SEVD-2018-058-01	Trust: 1.9
db:	JVNDB	id:	JVNDB-2018-002606	Trust: 0.8
db:	CNVD	id:	CNVD-2018-05321	Trust: 0.6
db:	CNNVD	id:	CNNVD-201803-045	Trust: 0.6
db:	BID	id:	103471	Trust: 0.3

sources: CNVD: CNVD-2018-05321 // BID: 103471 // JVNDB: JVNDB-2018-002606 // CNNVD: CNNVD-201803-045 // NVD: CVE-2018-7228

REFERENCES

url:	https://www.schneider-electric.com/en/download/document/sevd-2018-058-01/	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7228	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7228	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2018-05321 // BID: 103471 // JVNDB: JVNDB-2018-002606 // CNNVD: CNNVD-201803-045 // NVD: CVE-2018-7228

CREDITS

Deng Yongkai of NSFOCUS Security Team, Melih Berk Eksioglu of Biznet Bilisim A.S. and Giri Veeraraghavan Veda of Gulf Business Machines.

Trust: 0.3

sources: BID: 103471

SOURCES

db:	CNVD	id:	CNVD-2018-05321
db:	BID	id:	103471
db:	JVNDB	id:	JVNDB-2018-002606
db:	CNNVD	id:	CNNVD-201803-045
db:	NVD	id:	CVE-2018-7228

LAST UPDATE DATE

2024-11-23T21:39:29.470000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-05321	date:	2018-03-15T00:00:00
db:	BID	id:	103471	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-002606	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-045	date:	2022-02-07T00:00:00
db:	NVD	id:	CVE-2018-7228	date:	2024-11-21T04:11:49.720

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-05321	date:	2018-03-15T00:00:00
db:	BID	id:	103471	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-002606	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-045	date:	2018-03-01T00:00:00
db:	NVD	id:	CVE-2018-7228	date:	2018-03-09T23:29:00.373