mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
73 lines
2.4 KiB
JSON
73 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "ics-cert@hq.dhs.gov",
|
|
"DATE_PUBLIC": "2018-05-31T00:00:00",
|
|
"ID": "CVE-2018-10611",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "MDS PulseNET and MDS PulseNET Enterprise",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "Version 3.2.1 and prior"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "GE"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper Authentication CWE-287"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "104377",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/104377"
|
|
},
|
|
{
|
|
"name": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet&type=9&file=1"
|
|
},
|
|
{
|
|
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02",
|
|
"refsource": "MISC",
|
|
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"
|
|
}
|
|
]
|
|
}
|
|
} |