Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-4062 (GCVE-0-2018-4062)
Vulnerability from cvelistv5
Published
2019-05-06 18:28
Modified
2024-08-05 05:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use of Hard-coded Credentials
Summary
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless |
Version: Sierra Wireless AirLink ES450 FW 4.9.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:04:28.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"name": "108147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108147"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless AirLink ES450 FW 4.9.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-07T19:14:51",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"name": "108147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108147"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-4062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless AirLink ES450 FW 4.9.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"name": "108147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108147"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2018-4062",
"datePublished": "2019-05-06T18:28:04",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:04:28.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-4062\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2019-05-06T19:29:00.577\",\"lastModified\":\"2024-11-21T04:06:40.247\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de credenciales embebidas en la funci\u00f3n snmpd del Sierra Wireless AirLink ES450 FW 4.9.3. La activaci\u00f3n de snmpd fuera de la interfaz WebUI puede causar la activaci\u00f3n de las credenciales embebidas, que dar\u00e1 como resultado la exposici\u00f3n de un usuario privilegiado. Un atacante puede activar snmpd sin ning\u00fan cambio de configuraci\u00f3n para desencadenar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sierrawireless:airlink_es450_firmware:4.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B67419F-92AF-48DF-873D-F9E0190BFFD0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E042BE5-9B2E-42B9-B455-FDB35251B0A6\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/108147\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/108147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
ICSA-19-122-03
Vulnerability from csaf_cisa
Published
2019-05-02 00:00
Modified
2020-04-23 00:00
Summary
Sierra Wireless AirLink ALEOS (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow attackers to remotely execute code, discover user credentials, upload files, or discover file paths.
Critical infrastructure sectors
Commercial Facilities, Communications, Emergency Services, Energy, Government Facilities, Transportation Systems, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Canada
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
{
"document": {
"acknowledgments": [
{
"names": [
"Carl Hurd",
"Jared Rittle"
],
"organization": "Cisco Talos",
"summary": "reporting these vulnerabilities to Sierra Wireless"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow attackers to remotely execute code, discover user credentials, upload files, or discover file paths.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Communications, Emergency Services, Energy, Government Facilities, Transportation Systems, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Canada",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-122-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-122-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-122-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/"
}
],
"title": "Sierra Wireless AirLink ALEOS (Update B)",
"tracking": {
"current_release_date": "2020-04-23T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-122-03",
"initial_release_date": "2019-05-02T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-05-02T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS"
},
{
"date": "2019-08-20T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS (Update A)"
},
{
"date": "2020-04-23T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.12",
"product": {
"name": "MP70 MP70E RV50 RV50X LX40 and LX60: All versions prior to 4.12",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "MP70 MP70E RV50 RV50X LX40 and LX60"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.4.9",
"product": {
"name": "LS300 GX400 GX440 and ES440: All versions prior to 4.4.9",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "LS300 GX400 GX440 and ES440"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.9.4",
"product": {
"name": "GX450 and ES450: All versions prior to 4.9.4",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "GX450 and ES450"
}
],
"category": "vendor",
"name": "Sierra Wireless"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4061",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can inject arbitrary commands, resulting in remote code execution.CVE-2018-4061 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4061"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4062",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Activating SNMPD outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate SNMPD without any configuration changes to trigger this vulnerability.CVE-2018-4062 has been assigned to this vulnerability. A CVSS v3 base score of 6.2 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4062"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4063",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can upload a file, resulting in an executable, routable code upload to the web server.CVE-2018-4063 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4063"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4066",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted HTTP ping request can cause reflected JavaScript to be executed and run on the user \u0027s browser. An attacker can exploit this by convincing a user to click a link or embedded URL that redirects to the reflected cross-site scripting vulnerability.CVE-2018-4066 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4066"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4067",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests through an authenticated user. Triggering this vulnerability may allow an attacker access to authenticated pages via an authenticated user.CVE-2018-4067 has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4067"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4069",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can cause an information leak, resulting in the disclosure of internal file paths.CVE-2018-4069 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4069"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
}
]
}
icsa-19-122-03
Vulnerability from csaf_cisa
Published
2019-05-02 00:00
Modified
2020-04-23 00:00
Summary
Sierra Wireless AirLink ALEOS (Update B)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow attackers to remotely execute code, discover user credentials, upload files, or discover file paths.
Critical infrastructure sectors
Commercial Facilities, Communications, Emergency Services, Energy, Government Facilities, Transportation Systems, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Canada
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
{
"document": {
"acknowledgments": [
{
"names": [
"Carl Hurd",
"Jared Rittle"
],
"organization": "Cisco Talos",
"summary": "reporting these vulnerabilities to Sierra Wireless"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow attackers to remotely execute code, discover user credentials, upload files, or discover file paths.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities, Communications, Emergency Services, Energy, Government Facilities, Transportation Systems, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Canada",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-122-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-122-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-122-03 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/ncas/tips/ST04-014"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/"
}
],
"title": "Sierra Wireless AirLink ALEOS (Update B)",
"tracking": {
"current_release_date": "2020-04-23T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-122-03",
"initial_release_date": "2019-05-02T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-05-02T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS"
},
{
"date": "2019-08-20T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS (Update A)"
},
{
"date": "2020-04-23T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-19-122-03 Sierra Wireless AirLink ALEOS (Update B)"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.12",
"product": {
"name": "MP70 MP70E RV50 RV50X LX40 and LX60: All versions prior to 4.12",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "MP70 MP70E RV50 RV50X LX40 and LX60"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.4.9",
"product": {
"name": "LS300 GX400 GX440 and ES440: All versions prior to 4.4.9",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "LS300 GX400 GX440 and ES440"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 4.9.4",
"product": {
"name": "GX450 and ES450: All versions prior to 4.9.4",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "GX450 and ES450"
}
],
"category": "vendor",
"name": "Sierra Wireless"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-4061",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can inject arbitrary commands, resulting in remote code execution.CVE-2018-4061 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4061"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4062",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Activating SNMPD outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate SNMPD without any configuration changes to trigger this vulnerability.CVE-2018-4062 has been assigned to this vulnerability. A CVSS v3 base score of 6.2 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4062"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4063",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can upload a file, resulting in an executable, routable code upload to the web server.CVE-2018-4063 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4063"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4066",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted HTTP ping request can cause reflected JavaScript to be executed and run on the user \u0027s browser. An attacker can exploit this by convincing a user to click a link or embedded URL that redirects to the reflected cross-site scripting vulnerability.CVE-2018-4066 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4066"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4067",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests through an authenticated user. Triggering this vulnerability may allow an attacker access to authenticated pages via an authenticated user.CVE-2018-4067 has been assigned to this vulnerability. A CVSS v3 base score of 4.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4067"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
},
{
"cve": "CVE-2018-4069",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "A specially crafted authenticated HTTP request can cause an information leak, resulting in the disclosure of internal file paths.CVE-2018-4069 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4069"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Sierra Wireless recommends users upgrade to the latest version of ALEOS for the products and versions below. For upgrade assistance, contact an authorized AirLink reseller, Sierra Wireless sales, technical representative, or Sierra Wireless technical support.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "LS300, GX400, GX440, ES440: ALEOS 4.4.9 The ALEOS 4.4.9 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,9-release-notes/"
},
{
"category": "mitigation",
"details": "GX450, ES450: ALEOS 4.9.4.p09",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "MP70, MP70E, RV50, RV50X, LX40, LX60: ALEOS 4.12 The ALEOS 4.12.0 Release Note is available (login required)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
],
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,12,-d-,0-release-notes/"
},
{
"category": "mitigation",
"details": "Ensure a strong password is set for the user account. For guidance on password strength, Sierra Wireless recommends the \u201cmemorized secret authenticator\u201d guidelines in NIST SP800-63B.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If ALEOS Application Framework (AAF) is enabled, ensure a strong password is set for the AAF User account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "If Telnet or SSH is enabled, ensure a strong password is set for the console account.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "When connecting directly to ACEmanager: Use only HTTPS.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Utilize an up-to-date, modern web browser with built-in CSS and CSRF protection, such as Chrome, Firefox, or Edge.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "The following SNORT rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to a Firepower Management Center or Snort.org.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
},
{
"category": "mitigation",
"details": "Snort Rules: 48600, 48635, 48614 - 48621, 48747",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003"
]
}
]
}
]
}
fkie_cve-2018-4062
Vulnerability from fkie_nvd
Published
2019-05-06 19:29
Modified
2024-11-21 04:06
Severity ?
Summary
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| talos-cna@cisco.com | http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html | Exploit, Third Party Advisory, VDB Entry | |
| talos-cna@cisco.com | http://www.securityfocus.com/bid/108147 | Third Party Advisory, VDB Entry | |
| talos-cna@cisco.com | https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 | Third Party Advisory, VDB Entry | |
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108147 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sierrawireless | airlink_es450_firmware | 4.9.3 | |
| sierrawireless | airlink_es450 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sierrawireless:airlink_es450_firmware:4.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67419F-92AF-48DF-873D-F9E0190BFFD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E042BE5-9B2E-42B9-B455-FDB35251B0A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de credenciales embebidas en la funci\u00f3n snmpd del Sierra Wireless AirLink ES450 FW 4.9.3. La activaci\u00f3n de snmpd fuera de la interfaz WebUI puede causar la activaci\u00f3n de las credenciales embebidas, que dar\u00e1 como resultado la exposici\u00f3n de un usuario privilegiado. Un atacante puede activar snmpd sin ning\u00fan cambio de configuraci\u00f3n para desencadenar esta vulnerabilidad."
}
],
"id": "CVE-2018-4062",
"lastModified": "2024-11-21T04:06:40.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-06T19:29:00.577",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108147"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-x7qh-pj6r-h933
Vulnerability from github
Published
2022-05-24 16:45
Modified
2024-04-04 00:29
Severity ?
VLAI Severity ?
Details
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2018-4062"
],
"database_specific": {
"cwe_ids": [
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-06T19:29:00Z",
"severity": "HIGH"
},
"details": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.",
"id": "GHSA-x7qh-pj6r-h933",
"modified": "2024-04-04T00:29:20Z",
"published": "2022-05-24T16:45:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4062"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108147"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
var-201905-0852
Vulnerability from variot
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability. Sierra Wireless AirLink ES450 The firmware contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A command-injection vulnerability 2. A security-bypass vulnerability 3. A remote code-execution vulnerability 4. An cross-site scripting vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple information disclosure vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, perform certain administrative actions and gain unauthorized access to the affected application, execute arbitrary code, execute arbitrary commands with system-level privileges, This may aid in further attacks. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0852",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "airlink es450",
"scope": "eq",
"trust": 1.0,
"vendor": "sierrawireless",
"version": "4.9.3"
},
{
"model": "airlink es450",
"scope": "eq",
"trust": 0.8,
"vendor": "sierra",
"version": "4.9.3"
},
{
"model": "wireless airlink rv50x aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.11.2"
},
{
"model": "wireless airlink rv50 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.11.2"
},
{
"model": "wireless airlink mp70e aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.11.2"
},
{
"model": "wireless airlink mp70 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.11.2"
},
{
"model": "wireless airlink lx60 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.10"
},
{
"model": "wireless airlink lx40 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.11.1"
},
{
"model": "wireless airlink ls300 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.4.8"
},
{
"model": "wireless airlink gx450 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.9.3"
},
{
"model": "wireless airlink gx440 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.4.8"
},
{
"model": "wireless airlink gx400 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.4.8"
},
{
"model": "wireless airlink es450 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.9.3"
},
{
"model": "wireless airlink es440 aleos",
"scope": "eq",
"trust": 0.3,
"vendor": "sierra",
"version": "4.4.8"
},
{
"model": "wireless airlink gx450 aleos 4.9.4.p09",
"scope": "ne",
"trust": 0.3,
"vendor": "sierra",
"version": null
},
{
"model": "wireless airlink gx450 aleos",
"scope": "ne",
"trust": 0.3,
"vendor": "sierra",
"version": "4.9.4"
},
{
"model": "wireless airlink es450 aleos 4.9.4.p09",
"scope": "ne",
"trust": 0.3,
"vendor": "sierra",
"version": null
},
{
"model": "wireless airlink es450 aleos",
"scope": "ne",
"trust": 0.3,
"vendor": "sierra",
"version": "4.9.4"
}
],
"sources": [
{
"db": "BID",
"id": "108147"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:sierra_wireless:airlink_es450",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Talos,Carl Hurd and Jared Rittle of Cisco Talos.,Carl Hurd and Jared Rittle of Cisco Talos reported these vulnerabilities to Sierra Wireless.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
}
],
"trust": 0.6
},
"cve": "CVE-2018-4062",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-4062",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-134093",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2018-4062",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-4062",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-4062",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-1182",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134093",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability. Sierra Wireless AirLink ES450 The firmware contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A command-injection vulnerability\n2. A security-bypass vulnerability\n3. A remote code-execution vulnerability\n4. An cross-site scripting vulnerability\n5. A cross-site request-forgery vulnerability\n6. Multiple information disclosure vulnerabilities\nAn attacker may leverage these issues to execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, perform certain administrative actions and gain unauthorized access to the affected application, execute arbitrary code, execute arbitrary commands with system-level privileges, This may aid in further attacks. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4062"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "BID",
"id": "108147"
},
{
"db": "VULHUB",
"id": "VHN-134093"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-134093",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4062",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-19-122-03",
"trust": 2.8
},
{
"db": "TALOS",
"id": "TALOS-2018-0747",
"trust": 2.8
},
{
"db": "BID",
"id": "108147",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "152647",
"trust": 1.7
},
{
"db": "TALOS",
"id": "TALOS-2018-0746",
"trust": 0.9
},
{
"db": "TALOS",
"id": "TALOS-2018-0752",
"trust": 0.9
},
{
"db": "TALOS",
"id": "TALOS-2018-0748",
"trust": 0.9
},
{
"db": "TALOS",
"id": "TALOS-2018-0754",
"trust": 0.9
},
{
"db": "TALOS",
"id": "TALOS-2018-0750",
"trust": 0.9
},
{
"db": "TALOS",
"id": "TALOS-2018-0751",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1182",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "47365",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1530.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-134093",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
},
{
"db": "BID",
"id": "108147"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"id": "VAR-201905-0852",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:59:56.790000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AirLink ES450",
"trust": 0.8,
"url": "https://www.sierrawireless.com/products-and-solutions/routers-gateways/es450/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-122-03"
},
{
"trust": 2.5,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0747"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108147"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/152647/sierra-wireless-airlink-es450-snmpd-hard-coded-credentials.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4062"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/es440-firmware/es440-firmware-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/es450/es450-firmware-package-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/gx400-firmware/gx400-firmware-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/gx450/gx450-firmware-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/ls300-firmware/ls300-firmware-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/mp70/mp70-firmware-list/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_downloads/rv50/rv50-firmware-list/"
},
{
"trust": 0.9,
"url": "https://www.sierrawireless.com/"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003/"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0751"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0754"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0746"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0750"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0752"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0748"
},
{
"trust": 0.9,
"url": "https://www.talosintelligence.com/reports/talos-2018-0747"
},
{
"trust": 0.9,
"url": "https://source.sierrawireless.com/~/media/support_downloads/airlink/docs/technical%20bulletin/swi-psa-2019-003%20-%20talos%20cves%20-%2030apr2019.ashx?la=en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4062"
},
{
"trust": 0.6,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4-d-9-d-4-release-notes/"
},
{
"trust": 0.6,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4-d-4-d-8-release-notes/"
},
{
"trust": 0.6,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4-d-11-d-2-release-notes/"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-122-03"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.1530.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80158"
},
{
"trust": 0.6,
"url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0747"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47365"
},
{
"trust": 0.3,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,11,-d-,2-release-notes/"
},
{
"trust": 0.3,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,4,-d-,8-release-notes/"
},
{
"trust": 0.3,
"url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,9,-d-,4-release-notes/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134093"
},
{
"db": "BID",
"id": "108147"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134093"
},
{
"db": "BID",
"id": "108147"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-134093"
},
{
"date": "2019-04-25T00:00:00",
"db": "BID",
"id": "108147"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"date": "2019-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"date": "2019-05-06T19:29:00.577000",
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-08T00:00:00",
"db": "VULHUB",
"id": "VHN-134093"
},
{
"date": "2019-04-25T00:00:00",
"db": "BID",
"id": "108147"
},
{
"date": "2019-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015405"
},
{
"date": "2020-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-1182"
},
{
"date": "2024-11-21T04:06:40.247000",
"db": "NVD",
"id": "CVE-2018-4062"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sierra Wireless AirLink ES450 Vulnerabilities related to the use of hard-coded credentials in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015405"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-1182"
}
],
"trust": 0.6
}
}
gsd-2018-4062
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-4062",
"description": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.",
"id": "GSD-2018-4062",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2018-4062"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-4062"
],
"details": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.",
"id": "GSD-2018-4062",
"modified": "2023-12-13T01:22:28.760704Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-4062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless AirLink ES450 FW 4.9.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"name": "108147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108147"
},
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sierrawireless:airlink_es450_firmware:4.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2018-4062"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
},
{
"name": "108147",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108147"
},
{
"name": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html",
"refsource": "MISC",
"tags": [
"Exploit",
"VDB Entry",
"Third Party Advisory"
],
"url": "http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-05-08T17:03Z",
"publishedDate": "2019-05-06T19:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…