CVE-2018-17891 - OpenCVE

Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a more elaborate attack.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows 8.1
Carestream	Carestream Vue Ris

Configuration 1 [-]

AND

cpe:2.3:a:carestream:carestream_vue_ris:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*

References

Link	Resource
https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01	Mitigation Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2018-10-04T00:00:00

Updated: 2018-10-04T20:57:01

Reserved: 2018-10-02T00:00:00

Link: CVE-2018-17891

JSON object: View

NVD Information

Status : Modified

Published: 2018-10-04T21:29:01.983

Modified: 2019-10-09T23:37:00.050

Link: CVE-2018-17891

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Vue RIS", "vendor": "Carestream", "versions": [{"status": "affected", "version": "RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5"}]}], "datePublic": "2018-10-04T00:00:00", "descriptions": [{"lang": "en", "value": "Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a more elaborate attack."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "INFORMATION EXPOSURE THROUGH AN ERROR MESSAGE CWE-209", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-10-04T20:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2018-10-04T00:00:00", "ID": "CVE-2018-17891", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Vue RIS", "version": {"version_data": [{"version_value": "RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5"}]}}]}, "vendor_name": "Carestream"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a more elaborate attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "INFORMATION EXPOSURE THROUGH AN ERROR MESSAGE CWE-209"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2018-17891", "datePublished": "2018-10-04T00:00:00", "dateReserved": "2018-10-02T00:00:00", "dateUpdated": "2018-10-04T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:carestream:carestream_vue_ris:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7F6791A-EFC3-4565-82A4-1A0A947D0559", "versionEndIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a more elaborate attack."}, {"lang": "es", "value": "En Carestream Vue RIS, RIS Client Builds en versiones 11.2 y anteriores que se ejecute en una m\u00e1quina Windows 8.1 con IIS/7.5, al contactar con un servidor Carestream donde no hay un listener TNS de Oracle disponible, los usuarios activar\u00e1n un error HTTP 500, filtrando informaci\u00f3n t\u00e9cnica que un atacante podr\u00eda usar para iniciar un ataque m\u00e1s elaborado."}], "id": "CVE-2018-17891", "lastModified": "2019-10-09T23:37:00.050", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-04T21:29:01.983", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-277-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-209"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}