Sign-up

ID

VAR-201905-0860


CVE

CVE-2018-4071


TITLE

Sierra Wireless AirLink ES450 Information disclosure vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2018-015402

DESCRIPTION

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The EmbeddedAceTLGet_Task.cgi executable is used to retrieve MSCII configuration values within the configuration manager of the AirLink ES450. This binary does not have any restricted configuration settings, so once the MSCIID is discovered, any authenticated user can send configuration changes using the /cgi-bin/Embedded_Ace_TLGet_Task.cgi endpoint. The SierraWirelessAirLinkES450 is a cellular network modem device from Sierra Wireless, Canada. The vulnerability stems from errors in the configuration of the network system or product during operation. An unauthorized attacker can exploit the vulnerability to obtain sensitive information about the affected component. :

Trust: 2.25

sources: NVD: CVE-2018-4071 // JVNDB: JVNDB-2018-015402 // CNVD: CNVD-2019-13407 // VULHUB: VHN-134102

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-13407

AFFECTED PRODUCTS

vendor:sierrawirelessmodel:airlink es450scope:eqversion:4.9.3

Trust: 1.0

vendor:sierramodel:airlink es450scope:eqversion:4.9.3

Trust: 0.8

vendor:sierramodel:wireless airlink es450scope:eqversion:4.9.3

Trust: 0.6

sources: CNVD: CNVD-2019-13407 // JVNDB: JVNDB-2018-015402 // NVD: CVE-2018-4071

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4071
value: HIGH

Trust: 1.0

NVD: CVE-2018-4071
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-13407
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201904-1192
value: HIGH

Trust: 0.6

VULHUB: VHN-134102
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-4071
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-13407
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-134102
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4071
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2019-13407 // VULHUB: VHN-134102 // JVNDB: JVNDB-2018-015402 // CNNVD: CNNVD-201904-1192 // NVD: CVE-2018-4071

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-134102 // JVNDB: JVNDB-2018-015402 // NVD: CVE-2018-4071

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-1192

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201904-1192

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015402

PATCH
title:AirLink ES450url:https://www.sierrawireless.com/products-and-solutions/routers-gateways/es450/
Trust: 0.8
title:Patch for SierraWirelessAirLinkES450 Information Disclosure Vulnerability (CNVD-2019-13407)url:https://www.cnvd.org.cn/patchInfo/show/160593
Trust: 0.6
title:Sierra Wireless AirLink ES450 Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92009
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-13407 // 
            
            
            
            JVNDB: JVNDB-2018-015402 // 
            
            
            
            CNNVD: CNNVD-201904-1192

EXTERNAL IDS
db:NVDid:CVE-2018-4071
Trust: 3.1
db:TALOSid:TALOS-2018-0755
Trust: 3.1
db:JVNDBid:JVNDB-2018-015402
Trust: 0.8
db:CNNVDid:CNNVD-201904-1192
Trust: 0.7
db:CNVDid:CNVD-2019-13407
Trust: 0.6
db:PACKETSTORMid:152655
Trust: 0.6
db:VULHUBid:VHN-134102
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-13407 // 
            
            
            
            VULHUB: VHN-134102 // 
            
            
            
            JVNDB: JVNDB-2018-015402 // 
            
            
            
            CNNVD: CNNVD-201904-1192 // 
            
            
            
            NVD: CVE-2018-4071

REFERENCES
url:https://talosintelligence.com/vulnerability_reports/talos-2018-0755
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2018-4071
Trust: 1.4
url:https://www.talosintelligence.com/vulnerability_reports/talos-2018-0755
Trust: 1.2
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4071
Trust: 0.8
url:https://packetstormsecurity.com/files/152655/sierra-wireless-airlink-es450-acemanager-embedded/ace/get/task.cgi-information-disclosure.html
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-13407 // 
            
            
            
            VULHUB: VHN-134102 // 
            
            
            
            JVNDB: JVNDB-2018-015402 // 
            
            
            
            CNNVD: CNNVD-201904-1192 // 
            
            
            
            NVD: CVE-2018-4071

CREDITS
Carl Hurd and Jared Rittle of Cisco Talos.,Discovered by Carl Hurd and Jared Rittle of Cisco Talos.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201904-1192

SOURCES
db:CNVDid:CNVD-2019-13407
db:VULHUBid:VHN-134102
db:JVNDBid:JVNDB-2018-015402
db:CNNVDid:CNNVD-201904-1192
db:NVDid:CVE-2018-4071

LAST UPDATE DATE
2024-11-23T21:52:16.947000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-13407date:2019-05-09T00:00:00
db:VULHUBid:VHN-134102date:2019-05-08T00:00:00
db:JVNDBid:JVNDB-2018-015402date:2019-06-03T00:00:00
db:CNNVDid:CNNVD-201904-1192date:2019-05-14T00:00:00
db:NVDid:CVE-2018-4071date:2024-11-21T04:06:41.757

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-13407date:2019-05-09T00:00:00
db:VULHUBid:VHN-134102date:2019-05-06T00:00:00
db:JVNDBid:JVNDB-2018-015402date:2019-06-03T00:00:00
db:CNNVDid:CNNVD-201904-1192date:2019-04-25T00:00:00
db:NVDid:CVE-2018-4071date:2019-05-06T19:29:00.950