Details of VAR-201805-0722

ID

VAR-201805-0722

CVE

CVE-2018-10729

TITLE

Phoenix Contact managed FL SWITCH Information Disclosure Vulnerability

Trust: 0.8

sources: IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1 // CNVD: CNVD-2018-10150

DESCRIPTION

All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user. plural Phoenix Contact FL SWITCH The product contains an information disclosure vulnerability.Information may be obtained. PhoenixContact is a German provider of industrial automation, connectivity and interface solutions for critical infrastructure applications such as communications, critical manufacturing and information technology. PhoenixContactmanagedFLSWITCH has an information disclosure vulnerability that allows unauthenticated attackers to read the device's profile content. An OS command-execution vulnerability 2. An information-disclosure vulnerability 3. Multiple stack-based buffer-overflow vulnerabilities Attackers can exploit these issues to execute arbitrary code, execute arbitrary OS commands, obtain sensitive information, and perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition

Trust: 2.61

sources: NVD: CVE-2018-10729 // JVNDB: JVNDB-2018-005166 // CNVD: CNVD-2018-10150 // BID: 104231 // IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1 // CNVD: CNVD-2018-10150

AFFECTED PRODUCTS

vendor:	phoenixcontact	model:	fl switch 4000t-8poe-2sfp-r	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3008t	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2sfp	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx lc-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm lc-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4012t-2gt-2fx st	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3004t-fx	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3008	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx st-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4012t-2gt-2fx st	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3005t	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016e	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2gt-4fx sm	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4800e-24fx-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx lc-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4012t 2gt 2fx	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3012e-2fx sm	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016e	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4824e-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4012t 2gt 2fx	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4800e-24fx-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx st-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2gt-3fx sm	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3005	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016t	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2gt-4fx sm	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3005	scope:	gt	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3004t-fx st	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4800e-24fx sm-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3012e-2sfx	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2gt-3fx sm	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3012e-2fx sm	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3004t-fx st	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4824e-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4800e-24fx sm-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4000t-8poe-2sfp-r	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx st	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3016t	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3008t	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx sm	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4008t-2sfp	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3008	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm lc-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx sm	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm st-4gc	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3004t-fx	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3006t-2fx st	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3012e-2sfx	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 4808e-16fx sm st-4gc	scope:	gte	version:	1.0	Trust: 1.0
vendor:	phoenixcontact	model:	fl switch 3005t	scope:	lte	version:	1.33	Trust: 1.0
vendor:	phoenix contact	model:	fl switch 3004t-fx st	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3004t-fx	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3005	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3005t	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3006t-2fx sm	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3006t-2fx st	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3006t-2fx	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3008	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3008t	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3012e-2fx sm	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3012e-2sfx	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3016	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3016e	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 3016t	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4000t-8poe-2sfp-r	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4008t-2gt-3fx sm	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4008t-2gt-4fx sm	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4008t-2sfp	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4012t 2gt 2fx	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4012t-2gt-2fx st	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4800e-24fx sm-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4800e-24fx-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx lc-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx sm lc-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx sm st-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx sm-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx st-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4808e-16fx-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix contact	model:	fl switch 4824e-4gc	scope:	eq	version:	1.0 to 1.33	Trust: 0.8
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	3xxx>=1.0,<=1.32	Trust: 0.6
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	4xxx>=1.0,<=1.32	Trust: 0.6
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	48xxx>=1.0,<=1.32	Trust: 0.6
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	4xxx1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	4xxx1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	48xx1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	48xx1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4824e-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4824e-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx st-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx st-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm st-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm st-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm lc-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm lc-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx lc-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx lc-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx sm-4gc	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx sm-4gc	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t-2gt-2fx st	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t-2gt-2fx st	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t 2gt 2fx	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t 2gt 2fx	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2sfp	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2sfp	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-4fx sm	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-4fx sm	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-3fx sm	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-3fx sm	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4000t-8poe-2sfp-r	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4000t-8poe-2sfp-r	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	3xxx1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch series	scope:	eq	version:	3xxx1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016t	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016t	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016e	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016e	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30161.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30161.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2sfx	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2sfx	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2fx sm	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2fx sm	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3008t	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3008t	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30081.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30081.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx st	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx st	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx sm	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx sm	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3005t	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3005t	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30051.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	eq	version:	30051.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx st	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx st	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx	scope:	eq	version:	1.32	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx	scope:	eq	version:	1.0	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4824e-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx st-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm st-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4808e-16fx sm lc-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4800e-24fx sm-4gc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t-2gt-2fx st	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4012t 2gt 2fx	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2sfp	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-4fx sm	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4008t-2gt-3fx sm	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 4000t-8poe-2sfp-r	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016t	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3016e	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	ne	version:	30161.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2sfx	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3012e-2fx sm	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3008t	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	ne	version:	30081.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx sm	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3006t-2fx	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3005t	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch	scope:	ne	version:	30051.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx st	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch 3004t-fx	scope:	ne	version:	1.34	Trust: 0.3
vendor:	phoenix	model:	contact fl switch -4804g8ce-16fx lc	scope:	ne	version:	1.34	Trust: 0.3
vendor:	fl switch 3005	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3016e	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3016	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3016t	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3006t 2fx sm	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4008t 2sfp	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4008t 2gt 4fx sm	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4008t 2gt 3fx sm	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx lc 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx sm 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx sm st 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3005t	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx st 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4808e 16fx sm lc 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4012t 2gt 2fx	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4012t 2gt 2fx st	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4824e 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4800e 24fx 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4800e 24fx sm 4gc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3012e 2fx sm	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 4000t 8poe 2sfp r	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3004t fx	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3004t fx st	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3008	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3008t	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3006t 2fx	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3006t 2fx st	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	fl switch 3012e 2sfx	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1 // CNVD: CNVD-2018-10150 // BID: 104231 // JVNDB: JVNDB-2018-005166 // NVD: CVE-2018-10729

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-10729
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-10729
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-10150
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201805-519
value:	MEDIUM
Trust: 0.6
IVD:	e2efd4b1-39ab-11e9-9402-000c29342cb1
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2018-10729
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-10150
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2efd4b1-39ab-11e9-9402-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-10729
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1 // CNVD: CNVD-2018-10150 // JVNDB: JVNDB-2018-005166 // CNNVD: CNNVD-201805-519 // NVD: CVE-2018-10729

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.8

sources: JVNDB: JVNDB-2018-005166 // NVD: CVE-2018-10729

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-519

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201805-519

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-005166

PATCH

title:	Top Page	url:	https://www.phoenixcontact.com/online/portal/pc	Trust: 0.8
title:	Patch for PhoenixContactmanagedFLSWITCH Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/130061	Trust: 0.6
title:	PHOENIX CONTACT FL SWITCH 3xxx , 4xxx and 48xxx Series Repair measures for information disclosure vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83451	Trust: 0.6

sources: CNVD: CNVD-2018-10150 // JVNDB: JVNDB-2018-005166 // CNNVD: CNNVD-201805-519

EXTERNAL IDS

db:	NVD	id:	CVE-2018-10729	Trust: 3.5
db:	CERT@VDE	id:	VDE-2018-005	Trust: 3.0
db:	ICS CERT	id:	ICSA-18-137-02	Trust: 2.7
db:	BID	id:	104231	Trust: 1.3
db:	CNVD	id:	CNVD-2018-10150	Trust: 0.8
db:	CNNVD	id:	CNNVD-201805-519	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-005166	Trust: 0.8
db:	IVD	id:	E2EFD4B1-39AB-11E9-9402-000C29342CB1	Trust: 0.2

sources: IVD: e2efd4b1-39ab-11e9-9402-000c29342cb1 // CNVD: CNVD-2018-10150 // BID: 104231 // JVNDB: JVNDB-2018-005166 // CNNVD: CNNVD-201805-519 // NVD: CVE-2018-10729

REFERENCES

url:	https://cert.vde.com/de-de/advisories/vde-2018-005	Trust: 3.0
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-137-02	Trust: 2.7
url:	http://www.securityfocus.com/bid/104231	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10729	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10729	Trust: 0.8
url:	https://www.phoenixcontact.com/online/portal/pc	Trust: 0.3

sources: CNVD: CNVD-2018-10150 // BID: 104231 // JVNDB: JVNDB-2018-005166 // CNNVD: CNNVD-201805-519 // NVD: CVE-2018-10729

CREDITS

ERT@VDE working with Vyacheslav Moskvin, Semen Sokolov, Evgeniy Druzhinin, Georgy Zaytsev and Ilya Karpov of Positive Technologies and PHOENIX CONTACT.

Trust: 0.3

sources: BID: 104231

SOURCES

db:	IVD	id:	e2efd4b1-39ab-11e9-9402-000c29342cb1
db:	CNVD	id:	CNVD-2018-10150
db:	BID	id:	104231
db:	JVNDB	id:	JVNDB-2018-005166
db:	CNNVD	id:	CNNVD-201805-519
db:	NVD	id:	CVE-2018-10729

LAST UPDATE DATE

2024-11-23T22:17:30.135000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-10150	date:	2018-05-23T00:00:00
db:	BID	id:	104231	date:	2018-05-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-005166	date:	2018-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201805-519	date:	2018-05-23T00:00:00
db:	NVD	id:	CVE-2018-10729	date:	2024-11-21T03:41:56.270

SOURCES RELEASE DATE

db:	IVD	id:	e2efd4b1-39ab-11e9-9402-000c29342cb1	date:	2018-05-23T00:00:00
db:	CNVD	id:	CNVD-2018-10150	date:	2018-05-23T00:00:00
db:	BID	id:	104231	date:	2018-05-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-005166	date:	2018-07-09T00:00:00
db:	CNNVD	id:	CNNVD-201805-519	date:	2018-05-17T00:00:00
db:	NVD	id:	CVE-2018-10729	date:	2018-05-17T19:29:00.353