CVE-2018-7781 (GCVE-0-2018-7781)
Vulnerability from cvelistv5 – Published: 2018-07-03 14:00 – Updated: 2024-09-16 19:56
VLAI
EPSS
VEX
Summary
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.
Severity
8.8 (High)
CWE
- Authenticated password disclosure and privilege escalation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.schneider-electric.com/en/download/do… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Schneider Electric SE | Pelco Sarix Professional V1 |
Affected:
Pelco Sarix Pro 1 st generation with firmware versions prior to 3.29.69
|
Date Public
2018-04-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Pelco Sarix Professional V1",
"vendor": "Schneider Electric SE",
"versions": [
{
"status": "affected",
"version": "Pelco Sarix Pro 1 st generation with firmware versions prior to 3.29.69"
}
]
}
],
"datePublic": "2018-04-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authenticated password disclosure and privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-03T13:57:01.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"DATE_PUBLIC": "2018-04-24T00:00:00",
"ID": "CVE-2018-7781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Pelco Sarix Professional V1",
"version": {
"version_data": [
{
"version_value": "Pelco Sarix Pro 1 st generation with firmware versions prior to 3.29.69"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated password disclosure and privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2018-7781",
"datePublished": "2018-07-03T14:00:00.000Z",
"dateReserved": "2018-03-08T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:56:23.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-7781",
"date": "2026-07-16",
"epss": "0.00593",
"percentile": "0.44378"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imps110-1_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"3CFE56A8-9C8C-4F44-AE3D-51DBA2AE7320\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imps110-1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0373BEB9-9DDC-46DC-BEEA-2B567E35445B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imps110-1e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"CF9EAD49-0471-4C76-95B2-B81E7E452F26\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imps110-1e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA4F3354-111C-4C4A-88CE-8243BF9A1D26\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imps110-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"246F015C-E32D-49B4-A695-3FF9E470B604\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imps110-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D366FB62-6A7A-4BD6-BDA4-11931C4EFD81\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:ibps110-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"87B356CE-94D3-4E6A-B4FF-6D23DA26D5D5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:ibps110-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DCEC508-8056-4655-95D6-8FD81FA83B53\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp1110-1_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"0D7119BB-55FA-4BAB-A99A-AC14562A9894\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp1110-1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8585A047-D4D5-4EE9-A839-827D50F28E6F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp1110-1e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"F6D85E88-8756-4F58-8F12-ECCC977C2501\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp1110-1e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C54ECB2-48E2-4484-BDA3-3B1A2B4F64BA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp1110-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"4C14903F-4DFE-41B7-9159-7E0E22DFADF2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp1110-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCE896FA-E8B0-43AD-B7D6-3606552A927A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:ibp1110-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"00D55E4D-314A-45FB-B2A0-9037F3F8B92B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:ibp1110-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43A50B71-9906-4CA8-8CCA-3ABEFE36DDF8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp219-1_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"87F7CDF7-7FBB-4D88-B162-C23A01C4D7BE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp219-1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9B0FA60-0C47-4874-BB4E-BD9C5392EE36\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp219-1e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"0DAAD30B-EC31-4728-84DF-CA3D372F087A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp219-1e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C505935-2601-4858-9107-35ACCA09C5E2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp219-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"69387717-657A-4E5D-BF6A-1B1444CEE333\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp219-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83F91A7F-DB48-4431-9998-B45B04858905\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:ibp219-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"6EBD6EA4-12C3-46C3-9EA9-FE2627FF4D7F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:ibp219-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E4BE69D-0ED4-41E2-ACBD-F28EFE3F3678\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp319-1_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"D3F8B4C5-109C-4FDA-82C8-F7CA3BA9BAC6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp319-1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AEF2268-8C80-43DE-A26B-D76DEE72A20C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp319-1e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"56DF2F52-303B-4CF0-9331-7D717A0C14FB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp319-1e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"679FC4B1-2BAE-42DC-BC98-80F34DC40E57\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp319-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"E7F3206D-60D9-4296-935F-4BF314EB2ABB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp319-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A093D08-9339-4F5E-8DC3-7335F64B0058\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:ibp319-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"4EE4FA30-E0D4-4BFD-A6C0-FC92D426AE5A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:ibp319-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDEA40CA-2138-46EB-AAF6-6F0997D8D9E0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp519-1_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"862E91D6-70C3-4974-862E-4648EED24909\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp519-1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5457D7DC-990F-47BA-BDAF-4224B1D8367C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp519-1e_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"7F46D384-5303-4B93-9CCF-7E7C4E2E97B4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp519-1e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9940495-9135-414B-9266-E8ADABDC27B5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:imp519-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"618ACDB6-9FDB-46D8-8B0F-591FE89B23B2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:imp519-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA8B8E07-5ED4-420C-A6B0-62D69BB809BB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:ibp519-1er_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.29.69\", \"matchCriteriaId\": \"0A0B7DD8-13FE-4F30-8B24-0D6CAE6F43F2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:schneider-electric:ibp519-1er:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D09F722A-5337-4891-A5A2-CAE3B4C562E6\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.\"}, {\"lang\": \"es\", \"value\": \"En la primera generaci\\u00f3n de c\\u00e1maras Schneider Electric Pelco Sarix Professional con versiones de firmware anteriores a la 3.29.69, al enviar una petici\\u00f3n especialmente manipulada, un usuario autenticado puede visualizar la contrase\\u00f1a en texto claro y resulta en un escalado de privilegios.\"}]",
"id": "CVE-2018-7781",
"lastModified": "2024-11-21T04:12:43.390",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-07-03T14:29:01.383",
"references": "[{\"url\": \"https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/\", \"source\": \"cybersecurity@se.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-311\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-7781\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2018-07-03T14:29:01.383\",\"lastModified\":\"2024-11-21T04:12:43.390\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.\"},{\"lang\":\"es\",\"value\":\"En la primera generaci\u00f3n de c\u00e1maras Schneider Electric Pelco Sarix Professional con versiones de firmware anteriores a la 3.29.69, al enviar una petici\u00f3n especialmente manipulada, un usuario autenticado puede visualizar la contrase\u00f1a en texto claro y resulta en un escalado de privilegios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-311\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imps110-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"3CFE56A8-9C8C-4F44-AE3D-51DBA2AE7320\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imps110-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0373BEB9-9DDC-46DC-BEEA-2B567E35445B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imps110-1e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"CF9EAD49-0471-4C76-95B2-B81E7E452F26\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imps110-1e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA4F3354-111C-4C4A-88CE-8243BF9A1D26\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imps110-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"246F015C-E32D-49B4-A695-3FF9E470B604\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imps110-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D366FB62-6A7A-4BD6-BDA4-11931C4EFD81\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:ibps110-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"87B356CE-94D3-4E6A-B4FF-6D23DA26D5D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:ibps110-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DCEC508-8056-4655-95D6-8FD81FA83B53\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp1110-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"0D7119BB-55FA-4BAB-A99A-AC14562A9894\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp1110-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8585A047-D4D5-4EE9-A839-827D50F28E6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp1110-1e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"F6D85E88-8756-4F58-8F12-ECCC977C2501\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp1110-1e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C54ECB2-48E2-4484-BDA3-3B1A2B4F64BA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp1110-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"4C14903F-4DFE-41B7-9159-7E0E22DFADF2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp1110-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE896FA-E8B0-43AD-B7D6-3606552A927A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:ibp1110-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"00D55E4D-314A-45FB-B2A0-9037F3F8B92B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:ibp1110-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43A50B71-9906-4CA8-8CCA-3ABEFE36DDF8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp219-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"87F7CDF7-7FBB-4D88-B162-C23A01C4D7BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp219-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B0FA60-0C47-4874-BB4E-BD9C5392EE36\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp219-1e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"0DAAD30B-EC31-4728-84DF-CA3D372F087A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp219-1e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C505935-2601-4858-9107-35ACCA09C5E2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp219-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"69387717-657A-4E5D-BF6A-1B1444CEE333\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp219-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F91A7F-DB48-4431-9998-B45B04858905\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:ibp219-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"6EBD6EA4-12C3-46C3-9EA9-FE2627FF4D7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:ibp219-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4BE69D-0ED4-41E2-ACBD-F28EFE3F3678\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp319-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"D3F8B4C5-109C-4FDA-82C8-F7CA3BA9BAC6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp319-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AEF2268-8C80-43DE-A26B-D76DEE72A20C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp319-1e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"56DF2F52-303B-4CF0-9331-7D717A0C14FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp319-1e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"679FC4B1-2BAE-42DC-BC98-80F34DC40E57\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp319-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"E7F3206D-60D9-4296-935F-4BF314EB2ABB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp319-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A093D08-9339-4F5E-8DC3-7335F64B0058\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:ibp319-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"4EE4FA30-E0D4-4BFD-A6C0-FC92D426AE5A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:ibp319-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDEA40CA-2138-46EB-AAF6-6F0997D8D9E0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp519-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"862E91D6-70C3-4974-862E-4648EED24909\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp519-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5457D7DC-990F-47BA-BDAF-4224B1D8367C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp519-1e_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"7F46D384-5303-4B93-9CCF-7E7C4E2E97B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp519-1e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9940495-9135-414B-9266-E8ADABDC27B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:imp519-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"618ACDB6-9FDB-46D8-8B0F-591FE89B23B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:imp519-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA8B8E07-5ED4-420C-A6B0-62D69BB809BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:ibp519-1er_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.29.69\",\"matchCriteriaId\":\"0A0B7DD8-13FE-4F30-8B24-0D6CAE6F43F2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:ibp519-1er:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D09F722A-5337-4891-A5A2-CAE3B4C562E6\"}]}]}],\"references\":[{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-114-01/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…