Details of VAR-201812-0852

ID

VAR-201812-0852

CVE

CVE-2018-7835

TITLE

IIoT Monitor Path Traversal Vulnerability

Trust: 1.4

sources: CNVD: CNVD-2019-03466 // JVNDB: JVNDB-2018-014137

DESCRIPTION

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. IIoT Monitor Contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is not required to exploit this vulnerability.The specific flaw exists within downloadCSV.jsp servlet. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information in the context of SYSTEM. Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric of France. A directory-traversal vulnerability 2. An arbitrary file-upload vulnerability 3

Trust: 3.6

sources: NVD: CVE-2018-7835 // JVNDB: JVNDB-2018-014137 // ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // CNNVD: CNNVD-201812-1095 // BID: 106484

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-03466

AFFECTED PRODUCTS

vendor:	schneider electric	model:	iiot monitor	scope:	eq	version:	3.1.38	Trust: 1.1
vendor:	schneider electric	model:	iiot monior	scope:	eq	version:	3.1.38	Trust: 1.0
vendor:	schneider electric	model:	iiot monitor	scope:	-	version:	-	Trust: 0.7
vendor:	schneider	model:	electric iiot monitor	scope:	eq	version:	3.1.38	Trust: 0.6
vendor:	schneider electric	model:	iiot monitor	scope:	eq	version:	0	Trust: 0.3

sources: ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // BID: 106484 // JVNDB: JVNDB-2018-014137 // NVD: CVE-2018-7835

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7835
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7835
value:	HIGH
Trust: 0.8
ZDI:	CVE-2018-7835
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2019-03466
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201812-1095
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2018-7835
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-03466
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-7835
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
ZDI:	CVE-2018-7835
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // JVNDB: JVNDB-2018-014137 // CNNVD: CNNVD-201812-1095 // NVD: CVE-2018-7835

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2018-014137 // NVD: CVE-2018-7835

THREAT TYPE

network

Trust: 0.3

sources: BID: 106484

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201812-1095

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014137

PATCH

title:	SEVD-2018-354-03	url:	https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/	Trust: 0.8
title:	Schneider Electric has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02	Trust: 0.7
title:	IIoTMonitor path traversal vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/152477	Trust: 0.6
title:	Schneider Electric IIoT Monitor Repair measures for path traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88168	Trust: 0.6

sources: ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // JVNDB: JVNDB-2018-014137 // CNNVD: CNNVD-201812-1095

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7835	Trust: 4.0
db:	BID	id:	106484	Trust: 1.9
db:	SCHNEIDER	id:	SEVD-2018-354-03	Trust: 1.6
db:	ICS CERT	id:	ICSA-19-008-02	Trust: 1.1
db:	JVNDB	id:	JVNDB-2018-014137	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-7118	Trust: 0.7
db:	ZDI	id:	ZDI-19-020	Trust: 0.7
db:	CNVD	id:	CNVD-2019-03466	Trust: 0.6
db:	CNNVD	id:	CNNVD-201812-1095	Trust: 0.6

sources: ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // BID: 106484 // JVNDB: JVNDB-2018-014137 // CNNVD: CNNVD-201812-1095 // NVD: CVE-2018-7835

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-008-02	Trust: 1.8
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-354-03/	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7835	Trust: 1.4
url:	http://www.securityfocus.com/bid/106484	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7835	Trust: 0.8
url:	www.controlmicrosystems.com	Trust: 0.3

sources: ZDI: ZDI-19-020 // CNVD: CNVD-2019-03466 // BID: 106484 // JVNDB: JVNDB-2018-014137 // CNNVD: CNNVD-201812-1095 // NVD: CVE-2018-7835

CREDITS

rgod of 9sg Security Team - rgod@9sgsec.com

Trust: 0.7

sources: ZDI: ZDI-19-020

SOURCES

db:	ZDI	id:	ZDI-19-020
db:	CNVD	id:	CNVD-2019-03466
db:	BID	id:	106484
db:	JVNDB	id:	JVNDB-2018-014137
db:	CNNVD	id:	CNNVD-201812-1095
db:	NVD	id:	CVE-2018-7835

LAST UPDATE DATE

2024-11-23T22:17:10.645000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-020	date:	2019-01-14T00:00:00
db:	CNVD	id:	CNVD-2019-03466	date:	2019-01-31T00:00:00
db:	BID	id:	106484	date:	2019-01-08T00:00:00
db:	JVNDB	id:	JVNDB-2018-014137	date:	2019-03-25T00:00:00
db:	CNNVD	id:	CNNVD-201812-1095	date:	2019-02-11T00:00:00
db:	NVD	id:	CVE-2018-7835	date:	2024-11-21T04:12:50.920

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-19-020	date:	2019-01-14T00:00:00
db:	CNVD	id:	CNVD-2019-03466	date:	2019-01-31T00:00:00
db:	BID	id:	106484	date:	2019-01-08T00:00:00
db:	JVNDB	id:	JVNDB-2018-014137	date:	2019-03-13T00:00:00
db:	CNNVD	id:	CNNVD-201812-1095	date:	2018-12-25T00:00:00
db:	NVD	id:	CVE-2018-7835	date:	2018-12-24T16:29:00.907