Vulnerability-Lookup

CVE-2018-7835 (GCVE-0-2018-7835)

Vulnerability from cvelistv5 – Published: 2018-12-24 16:00 – Updated: 2024-08-05 06:37

Summary

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.

Severity ?

No CVSS data available.

CWE

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

schneider

References

URL

	Vendor	Product	Version
	Schneider Electric SE	IIoT Monitor 3.1.38	Affected: IIoT Monitor 3.1.38

FKIE_CVE-2018-7835

Vulnerability from fkie_nvd - Published: 2018-12-24 16:29 - Updated: 2024-11-21 04:12

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.

References

URL	Tags
cybersecurity@se.com	http://www.securityfocus.com/bid/106484	Third Party Advisory
cybersecurity@se.com	https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106484	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	schneider-electric	iiot_monior	3.1.38

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:iiot_monior:3.1.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2F8DD41-8532-4663-A759-82022E2CEF0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de limitaci\u00f3n incorrecta de un nombre de ruta en un directorio restringido (\"salto de directorio\") en IIoT Monitor 3.1.38, lo que podr\u00eda permitir el acceso a archivos disponibles para el usuario SYSTEM."
    }
  ],
  "id": "CVE-2018-7835",
  "lastModified": "2024-11-21T04:12:50.920",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-24T16:29:00.907",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/106484"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/106484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201812-0852

Vulnerability from variot - Updated: 2024-11-23 22:17

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. IIoT Monitor Contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is not required to exploit this vulnerability.The specific flaw exists within downloadCSV.jsp servlet. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information in the context of SYSTEM. Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric of France. A directory-traversal vulnerability 2. An arbitrary file-upload vulnerability 3

Show details on source website

JSON

To clipboard

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "iiot monitor",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "schneider electric",
        "version": "3.1.38"
      },
      {
        "_id": null,
        "model": "iiot monior",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "3.1.38"
      },
      {
        "_id": null,
        "model": "iiot monitor",
        "scope": null,
        "trust": 0.7,
        "vendor": "schneider electric",
        "version": null
      },
      {
        "_id": null,
        "model": "electric iiot monitor",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "3.1.38"
      },
      {
        "_id": null,
        "model": "iiot monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "BID",
        "id": "106484"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:schneider_electric:iiot_monior",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "rgod of 9sg Security Team - rgod@9sgsec.com",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-7835",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-7835",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-03466",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7835",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-7835",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7835",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7835",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2018-7835",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-03466",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201812-1095",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user. IIoT Monitor Contains a path traversal vulnerability.Information may be obtained. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Schneider Electric IIoT Monitor. Authentication is not required to exploit this vulnerability.The specific flaw exists within downloadCSV.jsp servlet. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information in the context of SYSTEM. Schneider Electric IIoT Monitor is an industrial IoT monitor from Schneider Electric of France. A directory-traversal vulnerability\n2. An arbitrary file-upload vulnerability\n3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      },
      {
        "db": "BID",
        "id": "106484"
      }
    ],
    "trust": 3.6
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7835",
        "trust": 4.0
      },
      {
        "db": "BID",
        "id": "106484",
        "trust": 1.9
      },
      {
        "db": "SCHNEIDER",
        "id": "SEVD-2018-354-03",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-008-02",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7118",
        "trust": 0.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-020",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "BID",
        "id": "106484"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      }
    ]
  },
  "id": "VAR-201812-0852",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      }
    ],
    "trust": 1.5166667
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:17:10.645000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "SEVD-2018-354-03",
        "trust": 0.8,
        "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
      },
      {
        "title": "Schneider Electric has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02"
      },
      {
        "title": "IIoTMonitor path traversal vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/152477"
      },
      {
        "title": "Schneider Electric IIoT Monitor Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88168"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-008-02"
      },
      {
        "trust": 1.6,
        "url": "https://www.schneider-electric.com/en/download/document/sevd-2018-354-03/"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7835"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/106484"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7835"
      },
      {
        "trust": 0.3,
        "url": "www.controlmicrosystems.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "BID",
        "id": "106484"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-19-020",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466",
        "ident": null
      },
      {
        "db": "BID",
        "id": "106484",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7835",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-01-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-020",
        "ident": null
      },
      {
        "date": "2019-01-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-03466",
        "ident": null
      },
      {
        "date": "2019-01-08T00:00:00",
        "db": "BID",
        "id": "106484",
        "ident": null
      },
      {
        "date": "2019-03-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014137",
        "ident": null
      },
      {
        "date": "2018-12-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-1095",
        "ident": null
      },
      {
        "date": "2018-12-24T16:29:00.907000",
        "db": "NVD",
        "id": "CVE-2018-7835",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-01-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-020",
        "ident": null
      },
      {
        "date": "2019-01-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-03466",
        "ident": null
      },
      {
        "date": "2019-01-08T00:00:00",
        "db": "BID",
        "id": "106484",
        "ident": null
      },
      {
        "date": "2019-03-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014137",
        "ident": null
      },
      {
        "date": "2019-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-1095",
        "ident": null
      },
      {
        "date": "2024-11-21T04:12:50.920000",
        "db": "NVD",
        "id": "CVE-2018-7835",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "106484"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "_id": null,
    "data": "IIoT Monitor Path Traversal Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-03466"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014137"
      }
    ],
    "trust": 1.4
  },
  "type": {
    "_id": null,
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-1095"
      }
    ],
    "trust": 0.6
  }
}

ICSA-19-008-02

Vulnerability from csaf_cisa - Published: 2019-01-08 00:00 - Updated: 2019-01-15 00:00

Summary

Schneider Electric IIoT Monitor (Update A)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Critical infrastructure sectors

Commercial Facilities, Critical Manufacturing, Energy, Transportation Services

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Recommended Practices

NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "rgod"
        ],
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Critical Manufacturing, Energy, Transportation Services",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-008-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-008-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-008-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-008-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-008-02"
      }
    ],
    "title": "Schneider Electric IIoT Monitor (Update A)",
    "tracking": {
      "current_release_date": "2019-01-15T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-008-02",
      "initial_release_date": "2019-01-08T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-01-08T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-008-02 Schneider Electric IIoT Monitor"
        },
        {
          "date": "2019-01-15T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-19-008-02 Schneider Electric IIoT Monitor (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 3.1.38",
                "product": {
                  "name": "IIoT Monitor: Versions 3.1.38 and prior",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "IIoT Monitor"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-7835",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A path traversal vulnerability exists, which may allow access to files available to SYSTEM user.CVE-2018-7835 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7835"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has also released a security notification ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7836",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An unrestricted upload of a file with dangerous type vulnerability exists in the IIoT Monitor software that could allow the uploading and execution of malicious files.CVE-2018-7836 has been assigned to this vulnerability. A CVSS v3 base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7836"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has also released a security notification ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7837",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is an XXE vulnerability in the IIoT Monitor software that may allow the software to resolve documents outside of the intended sphere of control, causing the software to embed incorrect documents into its output and expose restricted information.CVE-2018-7837 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7837"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has also released a security notification ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-7839",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a hardcoded cryptographic key that may affect the confidentiality of the device.CVE-2018-7839 has been assigned to this vulnerability. A CVSS v3 base score of 6.2 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7839"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends that affected users contact Schneider Electric customer support at https://www.schneider-electric.com/en/work/support/contacts.jsp for assistance in migrating to the latest software to resolve the issues.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/work/support/contacts.jsp"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric has also released a security notification ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric strongly recommends implementing industry cybersecurity best practices",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls, and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Physical controls should be in place so that no unauthorized person would have access to the ICS and safety controllers, peripheral equipment or the ICS and safety networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All controllers should reside in locked cabinets and never be left in the \u201cProgram\u201d mode.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All programming software should be kept in locked cabinets and should never be connected to any network other than the network for the devices that it is intended.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "All methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. should be scanned before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Laptops that have connected to any other network besides the intended network should never be allowed to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as virtual private networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

GHSA-7G62-QQ9M-2286

Vulnerability from github – Published: 2022-05-14 01:37 – Updated: 2022-05-14 01:37

Details

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7835"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-24T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.",
  "id": "GHSA-7g62-qq9m-2286",
  "modified": "2022-05-14T01:37:26Z",
  "published": "2022-05-14T01:37:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7835"
    },
    {
      "type": "WEB",
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106484"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2018-AVI-610

Vulnerability from certfr_avis - Published: 2018-12-24 - Updated: 2018-12-24

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	EVLink Parking versions 3.2.0-12_v1 et antérieures
Schneider Electric	N/A	IIoT Monitor 3.1.38
Schneider Electric	N/A	Pro-Face GP-Pro EX versions 4.08 et antérieures

References

Title

Publication Time

CNVD-2019-03466

Vulnerability from cnvd - Published: 2019-01-31

Title

IIoT Monitor路径遍历漏洞

Description

Schneider Electric IIoT Monitor是法国施耐德电气（Schneider Electric）公司的一款工业物联网监视器。 Schneider Electric IIoT Monitor 3.1.38版本中存在路径遍历漏洞。攻击者可利用该漏洞访问系统用户可访问的文件。

Severity

中

Patch Name

IIoT Monitor路径遍历漏洞的补丁

Patch Description

Schneider Electric IIoT Monitor是法国施耐德电气（Schneider Electric）公司的一款工业物联网监视器。 Schneider Electric IIoT Monitor 3.1.38版本中存在路径遍历漏洞。攻击者可利用该漏洞访问系统用户可访问的文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2018-354-03-IIoT+Monitor.pdf&p_Doc_Ref=SEVD-2018-354-03

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-7835

Impacted products

Name
Schneider Electric IIoT Monitor 3.1.38

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "106484"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-7835"
    }
  },
  "description": "Schneider Electric IIoT Monitor\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u7269\u8054\u7f51\u76d1\u89c6\u5668\u3002\n\nSchneider Electric IIoT Monitor 3.1.38\u7248\u672c\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7cfb\u7edf\u7528\u6237\u53ef\u8bbf\u95ee\u7684\u6587\u4ef6\u3002",
  "discovererName": "Trend Micro\u00e2??s Zero Day Initiative working with rgod",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-354-03-IIoT+Monitor.pdf\u0026p_Doc_Ref=SEVD-2018-354-03",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-03466",
  "openTime": "2019-01-31",
  "patchDescription": "Schneider Electric IIoT Monitor\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5de5\u4e1a\u7269\u8054\u7f51\u76d1\u89c6\u5668\u3002\r\n\r\nSchneider Electric IIoT Monitor 3.1.38\u7248\u672c\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7cfb\u7edf\u7528\u6237\u53ef\u8bbf\u95ee\u7684\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IIoT Monitor\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric IIoT Monitor 3.1.38"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-7835",
  "serverity": "\u4e2d",
  "submitTime": "2018-12-25",
  "title": "IIoT Monitor\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

GSD-2018-7835

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.

Aliases

CVE-2018-7835

Aliases

CVE-2018-7835

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-7835",
    "description": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.",
    "id": "GSD-2018-7835"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7835"
      ],
      "details": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.",
      "id": "GSD-2018-7835",
      "modified": "2023-12-13T01:22:33.135534Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "ID": "CVE-2018-7835",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "IIoT Monitor 3.1.38",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "IIoT Monitor 3.1.38"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Schneider Electric SE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "106484",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/106484"
          },
          {
            "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
            "refsource": "CONFIRM",
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:iiot_monior:3.1.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7835"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/"
            },
            {
              "name": "106484",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/106484"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-02-01T17:28Z",
      "publishedDate": "2018-12-24T16:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-7835 (GCVE-0-2018-7835)

FKIE_CVE-2018-7835

VAR-201812-0852

ICSA-19-008-02

GHSA-7G62-QQ9M-2286

CERTFR-2018-AVI-610

Solution

CNVD-2019-03466

GSD-2018-7835

Tags

Sightings

Nomenclature