CVE-2019-13539 - OpenCVE

Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Medtronic	Valleylab Fx8 Energy Platform Firmware Valleylab Ft10 Energy Platform Valleylab Exchange Client Valleylab Fx8 Energy Platform Valleylab Ft10 Energy Platform Firmware

Configuration 1 [-]

cpe:2.3:a:medtronic:valleylab_exchange_client:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:valleylab_ft10_energy_platform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:valleylab_ft10_energy_platform:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:valleylab_fx8_energy_platform_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:valleylab_fx8_energy_platform:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.us-cert.gov/ics/advisories/icsma-19-311-02	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2019-11-08T19:07:59

Updated: 2019-11-08T19:07:59

Reserved: 2019-07-11T00:00:00

Link: CVE-2019-13539

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-11-08T20:15:10.743

Modified: 2020-10-09T13:11:28.173

Link: CVE-2019-13539

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Valleylab Exchange Client", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "version 3.4 and below"}]}, {"product": "Valleylab FT10 Energy Platform (VLFT10GEN)", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "software version 4.0.0 and below"}]}, {"product": "Valleylab FX8 Energy Platform (VLFX8GEN)", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "software version 1.1.0 and below"}]}], "descriptions": [{"lang": "en", "value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-328", "description": "REVERSIBLE ONE-WAY HASH CWE-328", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-11-08T19:07:59", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2019-13539", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Valleylab Exchange Client", "version": {"version_data": [{"version_value": "version 3.4 and below"}]}}, {"product_name": "Valleylab FT10 Energy Platform (VLFT10GEN)", "version": {"version_data": [{"version_value": "software version 4.0.0 and below"}]}}, {"product_name": "Valleylab FX8 Energy Platform (VLFX8GEN)", "version": {"version_data": [{"version_value": "software version 1.1.0 and below"}]}}]}, "vendor_name": "Medtronic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "REVERSIBLE ONE-WAY HASH CWE-328"}]}]}, "references": {"reference_data": [{"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02", "refsource": "MISC", "url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2019-13539", "datePublished": "2019-11-08T19:07:59", "dateReserved": "2019-07-11T00:00:00", "dateUpdated": "2019-11-08T19:07:59", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:medtronic:valleylab_exchange_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "B346570A-3BF0-4BD6-912D-1754DFA49264", "versionEndIncluding": "3.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:valleylab_ft10_energy_platform_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9428AFA2-E198-41FE-A129-DD51D48CFAD3", "versionEndIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:valleylab_ft10_energy_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "164230CB-E2BF-447F-8537-C9401FA0CC09", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:valleylab_fx8_energy_platform_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEAA803B-F89B-4D2A-820B-9F337778AE70", "versionEndIncluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:valleylab_fx8_energy_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "E18B428C-13F4-458C-A0A2-13FA801C9FFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."}, {"lang": "es", "value": "Medtronic Valleylab Exchange Client versi\u00f3n 3.4 y anteriores, Valleylab FT10 Energy Platform (VLFT10GEN) versi\u00f3n de software 4.0.0 y anteriores, y Valleylab FX8 Energy Platform (VLFX8GEN) versi\u00f3n 1.1.0 y anteriores, utilizan el algoritmo de descifrado para el hash de contrase\u00f1a del sistema operativo. Si bien los inicios de sesi\u00f3n interactivos basados ??en la red est\u00e1n deshabilitados, y los atacantes pueden usar las otras vulnerabilidades dentro de este reporte para obtener acceso de shell local y acceder a estos hashes."}], "id": "CVE-2019-13539", "lastModified": "2020-10-09T13:11:28.173", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-08T20:15:10.743", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-328"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}