CVE-2018-4015 - OpenCVE

An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Webroot	Brightcloud

Configuration 1 [-]

cpe:2.3:a:webroot:brightcloud:-:*:*:*:*:*:*:*

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0686	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: talos

Published: 2018-12-18T14:00:00

Updated: 2022-04-19T18:08:09

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-4015

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-12-18T14:29:00.210

Modified: 2022-06-07T17:22:55.323

Link: CVE-2018-4015

JSON object: View

Redhat Information

No data.

CWE

CWE-295

{"containers": {"cna": {"affected": [{"product": "Webroot", "vendor": "n/a", "versions": [{"status": "affected", "version": "Webroot BrightCloud SDK"}]}], "datePublic": "2018-12-18T00:00:00", "descriptions": [{"lang": "en", "value": "An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Improper Certificate Validation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-04-19T18:08:09", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0686"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "talos-cna@cisco.com", "ID": "CVE-2018-4015", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Webroot", "version": {"version_data": [{"version_value": "Webroot BrightCloud SDK"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability."}]}, "impact": {"cvss": {"baseScore": 8.1, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Certificate Validation"}]}]}, "references": {"reference_data": [{"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0686", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0686"}]}}}}, "cveMetadata": {"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-4015", "datePublished": "2018-12-18T14:00:00", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2022-04-19T18:08:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webroot:brightcloud:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDF0DE22-4B3D-47E4-A0AD-15A1BEE790C6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad explotable en la funcionalidad del cliente HTTP de Webroot BrightCloud SDK. La configuraci\u00f3n del cliente HTTP no aplica una conexi\u00f3n segura por defecto, lo que resulta en el error a la hora de validar los certificados TLS. Un atacante puede suplantar al servidor remoto BrightCloud para desencadenar esta vulnerabilidad."}], "id": "CVE-2018-4015", "lastModified": "2022-06-07T17:22:55.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-18T14:29:00.210", "references": [{"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0686"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}