cvelist/2018/4xxx/CVE-2018-4838.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "productcert@siemens.com",
      "DATE_PUBLIC" : "2018-03-08T00:00:00",
      "ID" : "CVE-2018-4838",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "EN100 Ethernet module IEC 61850 variant, EN100 Ethernet module PROFINET IO variant, EN100 Ethernet module Modbus TCP variant, EN100 Ethernet module DNP3 variant, EN100 Ethernet module IEC 104 variant=",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "EN100 Ethernet module IEC 61850 variant : All versions < V4.30"
                              },
                              {
                                 "version_value" : "EN100 Ethernet module PROFINET IO variant : All versions"
                              },
                              {
                                 "version_value" : "EN100 Ethernet module Modbus TCP variant : All versions"
                              },
                              {
                                 "version_value" : "EN100 Ethernet module DNP3 variant : All versions"
                              },
                              {
                                 "version_value" : "EN100 Ethernet module IEC 104 variant : All versions"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Siemens AG"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "A vulnerability has been identified in Siemens EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "CWE-306: Missing Authentication for Critical Function"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf",
            "refsource" : "CONFIRM",
            "url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf"
         },
         {
            "name" : "103379",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/103379"
         }
      ]
   }
}