CVE-2015-6459

Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet&type=9	Vendor Advisory
http://zerodayinitiative.com/advisories/ZDI-15-439/
https://ics-cert.us-cert.gov/advisories/ICSA-15-258-03	Third Party Advisory US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ge:mds_pulsenet::::::::
	cpe:2.3:a:ge:mds_pulsenet:::::enterprise:::*

History

No history.

Information

Published : 2015-09-18 22:59

Updated : 2023-12-10 11:46

NVD link : CVE-2015-6459

Mitre link : CVE-2015-6459

CVE.ORG link : CVE-2015-6459

JSON object : View

Products Affected

ge

mds_pulsenet

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2015-6459", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-09-18T22:59:07.013", "references": [{"url": "http://www.gedigitalenergy.com/app/resources.aspx?prod=pulsenet&type=9", "tags": ["Vendor Advisory"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://zerodayinitiative.com/advisories/ZDI-15-439/", "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-258-03", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 allows remote attackers to read or delete arbitrary files via a full pathname."}, {"lang": "es", "value": "Vulnerabilidad de salto de ruta absoluta en la funcionalidad de descarga en FileDownloadServlet en GE Digital Energy MDS PulseNET y MDS PulseNET Enterprise en versiones anteriores a 3.1.5, permite a atacantes remotos leer o eliminar archivos arbitrarios a trav\u00e9s de un nombre de ruta completo."}], "lastModified": "2015-09-23T18:53:12.897", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1538CC5-82FE-4847-A9E1-AA90E85D5057", "versionEndIncluding": "3.1.3"}, {"criteria": "cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "3A730B4B-9A48-4F92-8730-ECF75F8F5DE1", "versionEndIncluding": "3.1.3"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}