SB2019121918 - Multiple vulnerabilities in Siemens SPPA-T3000
Published: December 19, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 51 vulnerabilities.
1) Improper Authentication (CVE-ID: CVE-2019-18319)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted objects via RMI, bypass authentication process and cause a denial of service (DoS) condition on the target system.
2) Improper Authentication (CVE-ID: CVE-2019-18318)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted objects via RMI, bypass authentication process and cause a denial of service (DoS) condition on the target system.
3) Improper Authentication (CVE-ID: CVE-2019-18320)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can bypass authentication process and upload arbitrary files on the target system.
4) Improper Authentication (CVE-ID: CVE-2019-18321)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted packets to Port 5010/TCP, bypass authentication process and read and write arbitrary files on the local system.
5) Improper Authentication (CVE-ID: CVE-2019-18322)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted packets to Port 5010/TCP, bypass authentication process and read and write arbitrary files on the local system.
6) Improper Authentication (CVE-ID: CVE-2019-18317)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted objects via RMI, bypass authentication process and cause a denial of service (DoS) condition on the target system.
7) Deserialization of Untrusted Data (CVE-ID: CVE-2019-18316)
CWE-ID: CWE-502 - Deserialization of Untrusted Data
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can send specially crafted packets to Port 1099/TCP and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
8) Information disclosure (CVE-ID: CVE-2019-18312)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a missing permissions check. A remote attacker can be able to enumerate running RPC services.
9) Improper Input Validation (CVE-ID: CVE-2019-18311)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote unauthenticated attacker can send specially crafted packets to Port 7061/TCP and cause a denial of service condition on the target system.
10) Arbitrary file upload (CVE-ID: CVE-2019-18313)
CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file uploads. A remote attacker can send specially crafted objects to one of the RPC services and upload and execute arbitrary file on the server.
11) Improper Authentication (CVE-ID: CVE-2019-18314)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted objects via RMI, bypass authentication process and execute arbitrary code on the target system.
12) Improper Authentication (CVE-ID: CVE-2019-18315)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in authentication process. A remote attacker can send specially crafted objects to Port 8888/TCP, bypass authentication process and execute arbitrary code on the target system.
13) Heap-based buffer overflow (CVE-ID: CVE-2019-18323)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
14) Heap-based buffer overflow (CVE-ID: CVE-2019-18324)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
15) Information disclosure (CVE-ID: CVE-2019-18332)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper input validation. A remote attacker can send specially crafted packets to Port 80/TCP, 8095/TCP, or 8080/TCP and gain access to directory listings of the server.
16) Information disclosure (CVE-ID: CVE-2019-18335)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper input validation. A remote attacker can send specially crafted packets to Port 80/TCP and gain access to logs and configuration files.
17) Heap-based buffer overflow (CVE-ID: CVE-2019-18330)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
18) Heap-based buffer overflow (CVE-ID: CVE-2019-18326)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
19) Heap-based buffer overflow (CVE-ID: CVE-2019-18325)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
20) Heap-based buffer overflow (CVE-ID: CVE-2019-18327)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
21) Heap-based buffer overflow (CVE-ID: CVE-2019-18328)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
22) Heap-based buffer overflow (CVE-ID: CVE-2019-18329)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow, cause a denial of service (DoS) condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
23) Stack-based buffer overflow (CVE-ID: CVE-2019-18310)
CWE-ID: CWE-121 - Stack-based buffer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote unauthenticated attacker can send specially crafted packets to Port 7061/TCP, trigger stack-based buffer overflow and cause a denial of service condition on the target system.
24) Improper access control (CVE-ID: CVE-2019-18309)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the target system.
The vulnerability exists due to improper access restrictions. A local user can manipulate specific files in the local file system and gain gain root privileges.
25) Heap-based buffer overflow (CVE-ID: CVE-2019-18292)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow and cause a denial of service condition on the target system.
26) Heap-based buffer overflow (CVE-ID: CVE-2019-18291)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow and cause a denial of service condition on the target system.
27) Heap-based buffer overflow (CVE-ID: CVE-2019-18293)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger a denial-of-service condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
28) Heap-based buffer overflow (CVE-ID: CVE-2019-18294)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow and cause a denial of service condition on the target system.
29) Heap-based buffer overflow (CVE-ID: CVE-2019-18295)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger a denial-of-service condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
30) Heap-based buffer overflow (CVE-ID: CVE-2019-18290)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger heap-based buffer overflow and cause a denial of service condition on the target system.
31) Heap-based buffer overflow (CVE-ID: CVE-2019-18289)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger a denial-of-service condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
32) Cleartext transmission of sensitive information (CVE-ID: CVE-2019-18285)
CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software uses insecure communication channel to transmit sensitive information between the client and the Application Server. A remote attacker with access to the communication channel can read credentials of a valid user.
Note: An attacker needs to have access to the Application Highway in order to exploit this vulnerability.
33) Improper Authentication (CVE-ID: CVE-2019-18284)
CWE-ID: CWE-287 - Improper Authentication
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the AdminService is available without authentication on the Application Server. A remote attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords.
Note: An attacker needs to have access to the Application Highway in order to exploit this vulnerability
34) Directory listing (CVE-ID: CVE-2019-18286)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the Application Server exposes directory listings and files containing sensitive information. A remote attacker can gain unauthorized access to sensitive information on the system.
Note: An attacker needs to have access to the Application Highway in order to exploit this vulnerability.
35) Information disclosure (CVE-ID: CVE-2019-18287)
CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the Application Server exposes directory listings and files containing sensitive information. A remote attacker can gain unauthorized access to sensitive information on the system.
Note: An attacker needs to have access to the Application Highway in order to exploit this vulnerability.
36) Arbitrary file upload (CVE-ID: CVE-2019-18288)
CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file uploads. A remote authenticated attacker can upload and execute arbitrary file on the target system.
Note: an attacker needs to have access to the Application Highway in order to exploit this vulnerability.
37) Heap-based buffer overflow (CVE-ID: CVE-2019-18296)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger a denial-of-service condition and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
38) Heap-based buffer overflow (CVE-ID: CVE-2019-18297)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the target system.
The vulnerability exists due to a boundary error. A local user can send a specially crafted packet to a named pipe, trigger heap-based buffer overflow and gain root privileges.
39) Integer overflow (CVE-ID: CVE-2019-18305)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
40) Integer overflow (CVE-ID: CVE-2019-18304)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
41) Out-of-bounds Read (CVE-ID: CVE-2019-18306)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger out-of-bounds read error and cause a denial of service condition on the target system.
42) Out-of-bounds Read (CVE-ID: CVE-2019-18307)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger out-of-bounds read error and cause a denial of service condition on the target system.
43) Improper access control (CVE-ID: CVE-2019-18308)
CWE-ID: CWE-284 - Improper Access Control
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the target system.
The vulnerability exists due to improper access restrictions. A local user can manipulate specific files in the local file system and gain gain root privileges.
44) Integer overflow (CVE-ID: CVE-2019-18303)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
45) Integer overflow (CVE-ID: CVE-2019-18302)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
46) Integer overflow (CVE-ID: CVE-2019-18298)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
47) Integer overflow (CVE-ID: CVE-2019-18299)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
48) Integer overflow (CVE-ID: CVE-2019-18300)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
49) Integer overflow (CVE-ID: CVE-2019-18301)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow. A remote attacker can send specially crafted packets to Port 5010/TCP, trigger integer overflow and cause a denial of service condition on the target system.
50) Deserialization of Untrusted Data (CVE-ID: CVE-2019-18283)
CWE-ID: CWE-502 - Deserialization of Untrusted Data
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the AdminService is available without authentication on the Application Server. A remote attacker can send specially crafted objects to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note: An attacker needs to have access to the Application Highway in order to exploit this vulnerability.
51) Improper input validation (CVE-ID: CVE-2018-4832)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to improper input validation. A remote attacker can send specially crafted messages to the RPC service of the affected products and cause denial-of-service condition on the remote and local communication functionality.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.