CVE-2018-7245 - OpenCVE

An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Schneider-electric	Mge Galaxy Pw Mge Galaxy 4000 Mge Galaxy 3000 Mge Galaxy 5000 Mge Eps 7000 Mge Galaxy 6000 Mge Galaxy 9000 Mge Comet Ups 66074 Mge Network Management Card Transverse Mge Eps 6000 Mge Eps 8000

Configuration 1 [-]

AND

cpe:2.3:h:schneider-electric:66074_mge_network_management_card_transverse:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:schneider-electric:mge_comet_ups:-:::::::*
	cpe:2.3:h:schneider-electric:mge_eps_6000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_eps_7000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_eps_8000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_3000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_4000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_5000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_6000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_9000:-:::::::*
	cpe:2.3:h:schneider-electric:mge_galaxy_pw:-:::::::*

References

Link	Resource
https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: schneider

Published: 2018-04-18T20:00:00

Updated: 2018-04-18T19:57:01

Reserved: 2018-02-19T00:00:00

Link: CVE-2018-7245

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-04-18T20:29:00.513

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-7245

JSON object: View

Redhat Information

No data.

CWE

CWE-863

{"containers": {"cna": {"affected": [{"product": "66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS", "vendor": "Schneider Electric SE", "versions": [{"status": "affected", "version": "MGE Network Management Card Transverse, part number: SF66074. All card versions affected, when installed in following products: MGE Galaxy 5000, MGE Galaxy 6000, MGE Galaxy 9000, MGE EPS 7000, MGE EPS 8000, MGE EPS 6000, MGE Comet UPS, MGE Galaxy PW, MGE Galaxy 3000, MGE Galaxy 4000"}]}], "datePublic": "2018-03-15T00:00:00", "descriptions": [{"lang": "en", "value": "An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization."}], "problemTypes": [{"descriptions": [{"description": "Improper Authorization", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-18T19:57:01", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "ID": "CVE-2018-7245", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS", "version": {"version_data": [{"version_value": "MGE Network Management Card Transverse, part number: SF66074. All card versions affected, when installed in following products: MGE Galaxy 5000, MGE Galaxy 6000, MGE Galaxy 9000, MGE EPS 7000, MGE EPS 8000, MGE EPS 6000, MGE Comet UPS, MGE Galaxy PW, MGE Galaxy 3000, MGE Galaxy 4000"}]}}]}, "vendor_name": "Schneider Electric SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Authorization"}]}]}, "references": {"reference_data": [{"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/", "refsource": "CONFIRM", "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/"}]}}}}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2018-7245", "datePublished": "2018-04-18T20:00:00", "dateReserved": "2018-02-19T00:00:00", "dateUpdated": "2018-04-18T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:66074_mge_network_management_card_transverse:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DBB8697-64F8-4D15-8B14-CDD51E99FBCF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:mge_comet_ups:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9837318-C9B6-448E-B701-40929C96795A", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_eps_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "98078458-B5AB-4AD2-9E57-390591469F37", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_eps_7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "05DE2424-0969-491D-A414-81A648F2F801", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_eps_8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "60DC5EF0-1929-4D67-89BF-47D6F6848411", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "955C94DD-90E6-4AB1-87CC-4EDACEA47DF0", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FCAE877-B3E9-4970-B0EE-49C64C85715C", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EBFA4F2-6574-4D58-9B0C-317229DF503E", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "790BF7D0-4E2D-4607-8C47-C4B707538E66", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "54A1FC87-5319-4F69-9228-C664D505B1CC", "vulnerable": false}, {"criteria": "cpe:2.3:h:schneider-electric:mge_galaxy_pw:-:*:*:*:*:*:*:*", "matchCriteriaId": "59D9633E-051F-427A-BADA-61BC8501AAE9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the affected devices could allow a remote attacker to change UPS control and shutdown parameters or other critical settings without authorization."}, {"lang": "es", "value": "Existe una vulnerabilidad de autorizaci\u00f3n incorrecta en 66074 MGE Network Management Card Transverse, de Schneider Electric, instalados en MGE UPS y MGE STS. El servidor web integrado (Port 80/443/TCP) de los dispositivos afectados podr\u00eda permitir que un atacante remoto cambie los par\u00e1metros UPS de control y cierre u otras opciones cr\u00edticas sin autorizaci\u00f3n."}], "id": "CVE-2018-7245", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-18T20:29:00.513", "references": [{"source": "cybersecurity@se.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-074-01/"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}