Sign-up

ID

VAR-201807-0340


CVE

CVE-2018-10609


TITLE

Martem TELEM-GW6/GWM Cross-Site Scripting Vulnerability

Trust: 0.8

sources: IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // CNVD: CNVD-2018-10589

DESCRIPTION

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code execution with target user privileges. Martem TELEM GW6 and GWM The device firmware contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Martem specializes in providing distribution network monitoring remote control systems, and its customers include distribution companies and industrial and transportation companies with their own power grids. Multiple Martem Products are prone to the following security vulnerabilities. 1. An security bypass vulnerability. 2. A denial-of-service vulnerability. 3. An cross-site scripting vulnerability. Attackers can exploit these issues to bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials, to execute arbitrary scripts in the context of the web browser. Failed exploit attempts will result in a denial-of-service condition. The following products are affected: GW6 Version 2018.04.18-linux_4-01-601cb47 and prior. GWM Version 2018.04.18-linux_4-01-601cb47 and prior. Both Martem GW6 and GWM are data processor products of Estonian Martem Company. The vulnerability is caused by the program not filtering data correctly

Trust: 2.7

sources: NVD: CVE-2018-10609 // JVNDB: JVNDB-2018-008780 // CNVD: CNVD-2018-10589 // BID: 104286 // IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // VULHUB: VHN-120385

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // CNVD: CNVD-2018-10589

AFFECTED PRODUCTS

vendor:martemmodel:telem-gw6scope:lteversion:2018.04.18-linux_4-01-601cb47

Trust: 1.0

vendor:martemmodel:telem-gwmscope:lteversion:2018.04.18-linux_4-01-601cb47

Trust: 1.0

vendor:martemmodel:telem gw6scope:lteversion:2018.04.18-linux_4-01-601cb47

Trust: 0.8

vendor:martemmodel:telem gwmscope:lteversion:2018.04.18-linux_4-01-601cb47

Trust: 0.8

vendor:martemmodel:gw6 <=2018.04.18-linux 4-01-601cb47scope: - version: -

Trust: 0.6

vendor:martemmodel:gwm <=2018.04.18-linux 4-01-601cb47scope: - version: -

Trust: 0.6

vendor:martemmodel:telem gw6scope:eqversion:2018.04.18-linux_4-01-601cb47

Trust: 0.6

vendor:martemmodel:telem gwmscope:eqversion:2018.04.18-linux_4-01-601cb47

Trust: 0.6

vendor:martemmodel:gwm 2018.04.18-linux 4-0scope: - version: -

Trust: 0.3

vendor:martemmodel:gw6 2018.04.18-linux 4-0scope: - version: -

Trust: 0.3

vendor:telem gwmmodel: - scope:eqversion:*

Trust: 0.2

vendor:telem gw6model: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // CNVD: CNVD-2018-10589 // BID: 104286 // JVNDB: JVNDB-2018-008780 // CNNVD: CNNVD-201805-1162 // NVD: CVE-2018-10609

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-10609
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-10609
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-10589
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201805-1162
value: MEDIUM

Trust: 0.6

IVD: e2f070f0-39ab-11e9-841a-000c29342cb1
value: MEDIUM

Trust: 0.2

VULHUB: VHN-120385
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-10609
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-10589
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2f070f0-39ab-11e9-841a-000c29342cb1
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-120385
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-10609
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // CNVD: CNVD-2018-10589 // VULHUB: VHN-120385 // JVNDB: JVNDB-2018-008780 // CNNVD: CNNVD-201805-1162 // NVD: CVE-2018-10609

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-120385 // JVNDB: JVNDB-2018-008780 // NVD: CVE-2018-10609

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-1162

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201805-1162

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008780

PATCH
title:SA1805181url:https://martem.eu/csa/Martem_CSA_Telem_1805181.pdf
Trust: 0.8
title:Martem GW6  and GWM Fixes for cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80639
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-008780 // 
            
            
            
            CNNVD: CNNVD-201805-1162

EXTERNAL IDS
db:NVDid:CVE-2018-10609
Trust: 3.6
db:ICS CERTid:ICSA-18-142-01
Trust: 3.4
db:BIDid:104286
Trust: 2.0
db:CNNVDid:CNNVD-201805-1162
Trust: 0.9
db:CNVDid:CNVD-2018-10589
Trust: 0.8
db:JVNDBid:JVNDB-2018-008780
Trust: 0.8
db:IVDid:E2F070F0-39AB-11E9-841A-000C29342CB1
Trust: 0.2
db:VULHUBid:VHN-120385
Trust: 0.1
sources:
            
            
            IVD: e2f070f0-39ab-11e9-841a-000c29342cb1 // 
            
            
            
            CNVD: CNVD-2018-10589 // 
            
            
            
            VULHUB: VHN-120385 // 
            
            
            
            BID: 104286 // 
            
            
            
            JVNDB: JVNDB-2018-008780 // 
            
            
            
            CNNVD: CNNVD-201805-1162 // 
            
            
            
            NVD: CVE-2018-10609

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-18-142-01
Trust: 3.4
url:http://www.securityfocus.com/bid/104286
Trust: 1.7
url:http://martem.eu/csa/martem_csa_telem_1805181.pdf
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10609
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-10609
Trust: 0.8
url:http://martem.ee/
Trust: 0.3
url:http://martem.eu/csa/martem_csa_telem_1805182.pdf
Trust: 0.3
url:http://martem.eu/csa/martem_csa_telem_1805184.pdf
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2018-10589 // 
            
            
            
            VULHUB: VHN-120385 // 
            
            
            
            BID: 104286 // 
            
            
            
            JVNDB: JVNDB-2018-008780 // 
            
            
            
            CNNVD: CNNVD-201805-1162 // 
            
            
            
            NVD: CVE-2018-10609

CREDITS
Latvia,Bernhards Blumbergs and Arturs Danilevics of CERT.LV
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201805-1162

SOURCES
db:IVDid:e2f070f0-39ab-11e9-841a-000c29342cb1
db:CNVDid:CNVD-2018-10589
db:VULHUBid:VHN-120385
db:BIDid:104286
db:JVNDBid:JVNDB-2018-008780
db:CNNVDid:CNNVD-201805-1162
db:NVDid:CVE-2018-10609

LAST UPDATE DATE
2024-11-23T22:12:28.786000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-10589date:2018-05-30T00:00:00
db:VULHUBid:VHN-120385date:2019-10-09T00:00:00
db:BIDid:104286date:2018-05-22T00:00:00
db:JVNDBid:JVNDB-2018-008780date:2018-10-29T00:00:00
db:CNNVDid:CNNVD-201805-1162date:2019-10-17T00:00:00
db:NVDid:CVE-2018-10609date:2024-11-21T03:41:39.490

SOURCES RELEASE DATE
db:IVDid:e2f070f0-39ab-11e9-841a-000c29342cb1date:2018-05-30T00:00:00
db:CNVDid:CNVD-2018-10589date:2018-05-30T00:00:00
db:VULHUBid:VHN-120385date:2018-07-31T00:00:00
db:BIDid:104286date:2018-05-22T00:00:00
db:JVNDBid:JVNDB-2018-008780date:2018-10-29T00:00:00
db:CNNVDid:CNNVD-201805-1162date:2018-06-05T00:00:00
db:NVDid:CVE-2018-10609date:2018-07-31T17:29:00.373