Details of VAR-201803-1851

ID

VAR-201803-1851

CVE

CVE-2018-7231

TITLE

Schneider Electric Pelco Sarix Professional Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002609

DESCRIPTION

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'system.opkg.remove'. Schneider Electric Pelco Sarix Professional Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SchneiderElectricPelcoSarixProfessional is a video surveillance device from Schneider Electric, France. An attacker could exploit the vulnerability to execute commands. Schneider Pelco Sarix Professional is prone to a remote command-execution vulnerability. Versions prior to Schneider Electric Pelco Sarix Professional 03.29.67 are vulnerable

Trust: 2.43

sources: NVD: CVE-2018-7231 // JVNDB: JVNDB-2018-002609 // CNVD: CNVD-2018-05325 // BID: 103527

IOT TAXONOMY

category:

['ICS', 'Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-05325

AFFECTED PRODUCTS

vendor:	schneider electric	model:	imp519-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	mps110-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp519-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp319-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp219-1	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imps110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1e	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	imp1110-1er	scope:	lt	version:	3.29.67	Trust: 1.0
vendor:	schneider electric	model:	ibp1110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	ibps110-1er	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imp1110-1	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	imps110-1e	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric pelco sarix professional	scope:	lt	version:	3.29.67	Trust: 0.6
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.65	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.63	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.59	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	eq	version:	03.29.51	Trust: 0.3
vendor:	schneider electric	model:	pelco sarix professional	scope:	ne	version:	03.29.67	Trust: 0.3

sources: CNVD: CNVD-2018-05325 // BID: 103527 // JVNDB: JVNDB-2018-002609 // NVD: CVE-2018-7231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7231
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-7231
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-05325
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-048
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2018-7231
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-05325
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-7231
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2018-7231
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-05325 // JVNDB: JVNDB-2018-002609 // CNNVD: CNNVD-201803-048 // NVD: CVE-2018-7231

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2018-002609 // NVD: CVE-2018-7231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-048

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201803-048

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002609

PATCH

title:	SEVD-2018-058-01	url:	https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=9607912128&p_File_Name=SEVD-2018-058-01+Pelco+Sarix+Professional+V1.2.pdf&p_Doc_Ref=SEVD-2018-058-01	Trust: 0.8
title:	Patch for SchneiderElectricPelcoSarixProfessional Command Execution Vulnerability (CNVD-2018-05325)	url:	https://www.cnvd.org.cn/patchInfo/show/121567	Trust: 0.6
title:	Schneider Electric Pelco Sarix Professional Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78842	Trust: 0.6

sources: CNVD: CNVD-2018-05325 // JVNDB: JVNDB-2018-002609 // CNNVD: CNNVD-201803-048

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7231	Trust: 3.3
db:	SCHNEIDER	id:	SEVD-2018-058-01	Trust: 1.9
db:	JVNDB	id:	JVNDB-2018-002609	Trust: 0.8
db:	CNVD	id:	CNVD-2018-05325	Trust: 0.6
db:	CNNVD	id:	CNNVD-201803-048	Trust: 0.6
db:	BID	id:	103527	Trust: 0.3

sources: CNVD: CNVD-2018-05325 // BID: 103527 // JVNDB: JVNDB-2018-002609 // CNNVD: CNNVD-201803-048 // NVD: CVE-2018-7231

REFERENCES

url:	https://www.schneider-electric.com/en/download/document/sevd-2018-058-01/	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7231	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7231	Trust: 0.8
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2018-05325 // BID: 103527 // JVNDB: JVNDB-2018-002609 // CNNVD: CNNVD-201803-048 // NVD: CVE-2018-7231

CREDITS

Deng Yongkai of NSFOCUS Security Team.

Trust: 0.3

sources: BID: 103527

SOURCES

db:	CNVD	id:	CNVD-2018-05325
db:	BID	id:	103527
db:	JVNDB	id:	JVNDB-2018-002609
db:	CNNVD	id:	CNNVD-201803-048
db:	NVD	id:	CVE-2018-7231

LAST UPDATE DATE

2024-11-23T21:39:29.501000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-05325	date:	2018-03-15T00:00:00
db:	BID	id:	103527	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-002609	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-048	date:	2022-02-07T00:00:00
db:	NVD	id:	CVE-2018-7231	date:	2024-11-21T04:11:50.157

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-05325	date:	2018-03-15T00:00:00
db:	BID	id:	103527	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-002609	date:	2018-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201803-048	date:	2018-03-01T00:00:00
db:	NVD	id:	CVE-2018-7231	date:	2018-03-09T23:29:00.547