cvelist/2018/10xxx/CVE-2018-10613.json

{
    "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2018-05-31T00:00:00",
        "ID": "CVE-2018-10613",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "MDS PulseNET and MDS PulseNET Enterprise",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "Version 3.2.1 and prior"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "GE"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "XXE CWE-611"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "104377",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/104377"
            },
            {
                "name": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1",
                "refsource": "CONFIRM",
                "url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1"
            },
            {
                "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02",
                "refsource": "MISC",
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"
            }
        ]
    }
}
- Synchronized data. 2018-05-01 14:05:39 -04:00			`{`
"-Synchronized-Data." 2019-03-17 23:05:54 +00:00			`"CVE_data_meta": {`
			`"ASSIGNER": "ics-cert@hq.dhs.gov",`
			`"DATE_PUBLIC": "2018-05-31T00:00:00",`
			`"ID": "CVE-2018-10613",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "MDS PulseNET and MDS PulseNET Enterprise",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "Version 3.2.1 and prior"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "GE"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
- Added submissions from ICS-CERT for ICSA-18-151-02 from 2018-06-01. 2018-06-04 09:04:55 -04:00			`{`
"-Synchronized-Data." 2019-03-17 23:05:54 +00:00			`"lang": "eng",`
			`"value": "Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior."`
- Added submissions from ICS-CERT for ICSA-18-151-02 from 2018-06-01. 2018-06-04 09:04:55 -04:00			`}`
"-Synchronized-Data." 2019-03-17 23:05:54 +00:00			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "XXE CWE-611"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "104377",`
			`"refsource": "BID",`
			`"url": "http://www.securityfocus.com/bid/104377"`
			`},`
			`{`
			`"name": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1",`
			`"refsource": "CONFIRM",`
			`"url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1"`
			`},`
			`{`
			`"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02",`
			`"refsource": "MISC",`
			`"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"`
			`}`
			`]`
			`}`
			`}`