CVE-2018-11455

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result in code execution, compromising confidentiality, integrity and availability of the system. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges or special conditions of the system, but user interaction is required.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/105114	Third Party Advisory VDB Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-920962.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:siemens:automation_license_manager::::::::
	cpe:2.3:a:siemens:automation_license_manager::::::::

History

No history.

Information

Published : 2018-08-07 15:29

Updated : 2023-12-10 12:44

NVD link : CVE-2018-11455

Mitre link : CVE-2018-11455

CVE.ORG link : CVE-2018-11455

JSON object : View

Products Affected

siemens

automation_license_manager

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2018-11455", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-08-07T15:29:00.497", "references": [{"url": "http://www.securityfocus.com/bid/105114", "tags": ["Third Party Advisory", "VDB Entry"], "source": "productcert@siemens.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-920962.pdf", "tags": ["Vendor Advisory"], "source": "productcert@siemens.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "productcert@siemens.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result in code execution, compromising confidentiality, integrity and availability of the system. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges or special conditions of the system, but user interaction is required."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Automation License Manager 5 (todas las versiones anteriores a la 5.3.4.4) y Automation License Manager 6 (todas las versiones anteriores a la 6.0.1). Una vulnerabilidad de salto de directorio podr\u00eda permitir que un atacante remoto mueva archivos arbitrarios, lo que podr\u00eda resultar en la ejecuci\u00f3n de c\u00f3digo, comprometiendo as\u00ed la confidencialidad, integridad y disponibilidad del sistema. Su explotaci\u00f3n con \u00e9xito requiere de una conexi\u00f3n de red al dispositivo afectado. El atacante no necesita privilegios o condiciones especiales del sistema, pero se requiere interacci\u00f3n del usuario."}], "lastModified": "2019-10-09T23:33:32.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:automation_license_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77C00B70-5281-47EE-A86D-B891FB9DEF7B", "versionEndExcluding": "5.3.4.4", "versionStartExcluding": "5.0"}, {"criteria": "cpe:2.3:a:siemens:automation_license_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED104AAE-CD92-45C2-9B59-CD5CBA85B99F", "versionEndExcluding": "6.0.1", "versionStartIncluding": "6.0"}], "operator": "OR"}]}], "sourceIdentifier": "productcert@siemens.com"}