Sign-up

ID

VAR-201806-0575


CVE

CVE-2018-10615


TITLE

GE MDS PulseNET and MDS PulseNET Enterprise Directory Traversal Vulnerability

Trust: 0.8

sources: IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // CNVD: CNVD-2018-12137

DESCRIPTION

Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.The specific flaw exists within the FileServlet servlet. When parsing the name parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information under the context of the current service. GEMDSPulseNET and MDSPulseNETEnterprise are products of General Electric (GE). GEMDSPulseNET is a network management software designed for radio communication systems. MDSPulseNETEnterprise is its enterprise version. A directory traversal vulnerability exists in GEMDSPulseNET and MDSPulseNET Enterprise 3.2.1 and earlier. Multiple GE MDS PulseNET products are prone to multiple security vulnerabilities. Attackers can exploit these issue to bypass the authentication mechanism, use a specially crafted request with directory-traversal sequences ('../') to access or read arbitrary files that contain sensitive information, or to cause a denial-of-service condition

Trust: 3.24

sources: NVD: CVE-2018-10615 // JVNDB: JVNDB-2018-006240 // ZDI: ZDI-18-546 // CNVD: CNVD-2018-12137 // BID: 104377 // IVD: e2f5a110-39ab-11e9-963d-000c29342cb1

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // CNVD: CNVD-2018-12137

AFFECTED PRODUCTS

vendor:gemodel:mds pulsenetscope:lteversion:3.2.1

Trust: 1.0

vendor:gemodel:mds pulsenetscope:eqversion:3.2.1

Trust: 0.9

vendor:general electricmodel:mds pulsenetscope:lteversion:3.2.1

Trust: 0.8

vendor:general electricmodel:mds pulsenetscope:lteversion:enterprise 3.2.1

Trust: 0.8

vendor:gemodel:mds pulsenetscope: - version: -

Trust: 0.7

vendor:gemodel:mds pulsenet enterprisescope:lteversion:<=3.2.1

Trust: 0.6

vendor:gemodel:mds pulsenetscope:lteversion:<=3.2.1

Trust: 0.6

vendor:mds pulsenetmodel: - scope:eqversion:*

Trust: 0.4

vendor:gemodel:mds pulsenet enterprisescope:eqversion:3.2.1

Trust: 0.3

vendor:gemodel:mds pulsenet enterprisescope:eqversion:3.1.5

Trust: 0.3

vendor:gemodel:mds pulsenet enterprisescope:eqversion:3.1.3

Trust: 0.3

vendor:gemodel:mds pulsenetscope:eqversion:3.1.5

Trust: 0.3

vendor:gemodel:mds pulsenetscope:eqversion:3.1.3

Trust: 0.3

vendor:gemodel:mds pulsenet enterprisescope:neversion:4.1

Trust: 0.3

vendor:gemodel:mds pulsenetscope:neversion:4.1

Trust: 0.3

sources: IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // ZDI: ZDI-18-546 // CNVD: CNVD-2018-12137 // BID: 104377 // JVNDB: JVNDB-2018-006240 // CNNVD: CNNVD-201806-267 // NVD: CVE-2018-10615

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-10615
value: HIGH

Trust: 1.0

NVD: CVE-2018-10615
value: HIGH

Trust: 0.8

ZDI: CVE-2018-10615
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2018-12137
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201806-267
value: HIGH

Trust: 0.6

IVD: e2f5a110-39ab-11e9-963d-000c29342cb1
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2018-10615
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2018-10615
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

CNVD: CNVD-2018-12137
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2f5a110-39ab-11e9-963d-000c29342cb1
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-10615
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // ZDI: ZDI-18-546 // CNVD: CNVD-2018-12137 // JVNDB: JVNDB-2018-006240 // CNNVD: CNNVD-201806-267 // NVD: CVE-2018-10615

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

problemtype:CWE-23

Trust: 1.0

sources: JVNDB: JVNDB-2018-006240 // NVD: CVE-2018-10615

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-267

TYPE

Path traversal

Trust: 0.8

sources: IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // CNNVD: CNNVD-201806-267

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006240

PATCH
title:Download MDS PulseNET Softwareurl:http://www.gegridsolutions.com/Communications/MDS/PulseNET_Download.aspx
Trust: 0.8
title:GE has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02
Trust: 0.7
title:GEMDSPulseNETandMDSPulseNETEnterprise directory traversal vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/132871
Trust: 0.6
title:GE MDS PulseNET  and MDS PulseNET Enterprise Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80553
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-546 // 
            
            
            
            CNVD: CNVD-2018-12137 // 
            
            
            
            JVNDB: JVNDB-2018-006240 // 
            
            
            
            CNNVD: CNNVD-201806-267

EXTERNAL IDS
db:NVDid:CVE-2018-10615
Trust: 4.2
db:ICS CERTid:ICSA-18-151-02
Trust: 3.3
db:BIDid:104377
Trust: 1.9
db:CNVDid:CNVD-2018-12137
Trust: 0.8
db:CNNVDid:CNNVD-201806-267
Trust: 0.8
db:JVNDBid:JVNDB-2018-006240
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-5520
Trust: 0.7
db:ZDIid:ZDI-18-546
Trust: 0.7
db:IVDid:E2F5A110-39AB-11E9-963D-000C29342CB1
Trust: 0.2
sources:
            
            
            IVD: e2f5a110-39ab-11e9-963d-000c29342cb1 // 
            
            
            
            ZDI: ZDI-18-546 // 
            
            
            
            CNVD: CNVD-2018-12137 // 
            
            
            
            BID: 104377 // 
            
            
            
            JVNDB: JVNDB-2018-006240 // 
            
            
            
            CNNVD: CNNVD-201806-267 // 
            
            
            
            NVD: CVE-2018-10615

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-151-02
Trust: 4.0
url:http://www.gegridsolutions.com/app/downloadfile.aspx?prod=pulsenet&type=9&file=1
Trust: 1.6
url:http://www.securityfocus.com/bid/104377
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10615
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-10615
Trust: 0.8
url:http://www.ge.com/
Trust: 0.3
sources:
            
            
            ZDI: ZDI-18-546 // 
            
            
            
            CNVD: CNVD-2018-12137 // 
            
            
            
            BID: 104377 // 
            
            
            
            JVNDB: JVNDB-2018-006240 // 
            
            
            
            CNNVD: CNNVD-201806-267 // 
            
            
            
            NVD: CVE-2018-10615

CREDITS
rgod
Trust: 1.0
sources:
            
            
            ZDI: ZDI-18-546 // 
            
            
            
            BID: 104377

SOURCES
db:IVDid:e2f5a110-39ab-11e9-963d-000c29342cb1
db:ZDIid:ZDI-18-546
db:CNVDid:CNVD-2018-12137
db:BIDid:104377
db:JVNDBid:JVNDB-2018-006240
db:CNNVDid:CNNVD-201806-267
db:NVDid:CVE-2018-10615

LAST UPDATE DATE
2024-11-23T22:52:04.002000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-546date:2018-06-06T00:00:00
db:CNVDid:CNVD-2018-12137date:2018-06-27T00:00:00
db:BIDid:104377date:2018-05-31T00:00:00
db:JVNDBid:JVNDB-2018-006240date:2018-08-15T00:00:00
db:CNNVDid:CNNVD-201806-267date:2019-10-17T00:00:00
db:NVDid:CVE-2018-10615date:2024-11-21T03:41:40.220

SOURCES RELEASE DATE
db:IVDid:e2f5a110-39ab-11e9-963d-000c29342cb1date:2018-06-27T00:00:00
db:ZDIid:ZDI-18-546date:2018-06-06T00:00:00
db:CNVDid:CNVD-2018-12137date:2018-06-27T00:00:00
db:BIDid:104377date:2018-05-31T00:00:00
db:JVNDBid:JVNDB-2018-006240date:2018-08-13T00:00:00
db:CNNVDid:CNNVD-201806-267date:2018-06-04T00:00:00
db:NVDid:CVE-2018-10615date:2018-06-04T14:29:00.313