FKIE_CVE-2018-19394

Vulnerability from fkie_nvd - Published: 2019-03-15 16:29 - Updated: 2024-11-21 03:57
Severity
4.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file.
References
cve@mitre.orghttps://cyberskr.com/blog/cobham-satcom-800-900.htmlThird Party Advisory
cve@mitre.orghttps://gist.github.com/CyberSKR/fe21b920c8933867ea262a325d37f03bThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cyberskr.com/blog/cobham-satcom-800-900.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://gist.github.com/CyberSKR/fe21b920c8933867ea262a325d37f03bThird Party Advisory
Impacted products
Vendor Product Version
cobham satcom_sailor_800_firmware -
cobham satcom_sailor_800 -
cobham satcom_sailor_900_firmware -
cobham satcom_sailor_900 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cobham:satcom_sailor_800_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1C724B-5F9F-4303-A46A-1CF79B74CC86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cobham:satcom_sailor_800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE54DE4-318E-4E4C-9A5E-A574AAEAE876",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cobham:satcom_sailor_900_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38951D3E-266C-46FE-A67B-A2224A1EEBBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cobham:satcom_sailor_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3341A126-A6C7-4694-B466-D2BBE0F83A71",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device\u0027s configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Cobham Satcom Sailor 800 y 900 conten\u00edan Cross-Site Scripting (XSS) persistente, que requer\u00eda acceso administrativo para su explotaci\u00f3n. La vulnerabilidad era explotable adquiriendo una copia del archivo de configuraci\u00f3n del dispositivo, insertando una carga \u00fatil XSS en un campo relevante (por ejemplo, \"Satellite name\") y, despu\u00e9s, recuperando el archivo de configuraci\u00f3n malicioso."
    }
  ],
  "id": "CVE-2018-19394",
  "lastModified": "2024-11-21T03:57:51.090",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.7,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-15T16:29:00.467",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cyberskr.com/blog/cobham-satcom-800-900.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gist.github.com/CyberSKR/fe21b920c8933867ea262a325d37f03b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cyberskr.com/blog/cobham-satcom-800-900.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gist.github.com/CyberSKR/fe21b920c8933867ea262a325d37f03b"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.