Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-13808

Summary
Assigner-siemens
Assigner Org ID-cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At-17 Apr, 2019 | 13:38
Updated At-05 Aug, 2024 | 09:14
Rejected At-
Credits

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:siemens
Assigner Org ID:cec7a2ec-15b4-4faf-bd53-b40f371f3a77
Published At:17 Apr, 2019 | 13:38
Updated At:05 Aug, 2024 | 09:14
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known.

Affected Products
Vendor
Siemens AGSiemens
Product
CP 1604
Versions
Affected
  • All versions
Vendor
Siemens AGSiemens
Product
CP 1616
Versions
Affected
  • All versions
Problem Types
TypeCWE IDDescription
textN/AImproper Neutralization of CRLF Sequences ('CRLF Injection')
Type: text
CWE ID: N/A
Description: Improper Neutralization of CRLF Sequences ('CRLF Injection')
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
x_refsource_MISC
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:productcert@siemens.com
Published At:17 Apr, 2019 | 14:29
Updated At:11 Jul, 2019 | 22:15

A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Service condition. Successful exploitation requires network access to a vulnerable device. At the time of advisory publication no public exploitation of this vulnerability was known.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.1CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Primary2.06.4MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.0
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 2.0
Base score: 6.4
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Siemens AG
siemens
>>cp_1604>>-
cpe:2.3:h:siemens:cp_1604:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>cp_1604_firmware>>Versions up to 2.8(inclusive)
cpe:2.3:o:siemens:cp_1604_firmware:*:*:*:*:*:*:*:*
Siemens AG
siemens
>>cp_1616>>-
cpe:2.3:h:siemens:cp_1616:-:*:*:*:*:*:*:*
Siemens AG
siemens
>>cp_1616_firmware>>Versions up to 2.8(inclusive)
cpe:2.3:o:siemens:cp_1616_firmware:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Primarynvd@nist.gov
CWE ID: CWE-200
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdfproductcert@siemens.com
Vendor Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-559174.pdf
Source: productcert@siemens.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

109Records found
CVE-2022-24797
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.45% / 62.55%
||
7 Day CHG~0.00%
Published-31 Mar, 2022 | 22:40
Updated-23 Apr, 2025 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Exposure of Sensitive Information in Pomerium

Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of service conditions. This issue is patched in version v0.17.1 Workarounds: Block access to `/debug` and `/metrics` paths on the authenticate service. This can be done with any L7 proxy, including Pomerium's own proxy service.

Action-Not Available
Vendor-pomeriumpomerium
Product-pomeriumpomerium
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-5016
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-0.92% / 75.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2019 | 20:29
Updated-04 Aug, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory read, resulting in a denial of service or remote information disclosure. An unauthenticated attacker can send a crafted packet on the local network to trigger this vulnerability.

Action-Not Available
Vendor-kcodesNETGEAR, Inc.Talos (Cisco Systems, Inc.)
Product-netusb.kor7900_firmwarer8000r7900r8000_firmwareKCodes
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-0040
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-10 Apr, 2019 | 20:13
Updated-16 Sep, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface (e.g. fxp0) thus disclosing internal addressing and existence of the management interface itself. A high rate of crafted packets destined to port 111 may also lead to a partial Denial of Service (DoS). Note: Systems with fxp0 disabled or unconfigured are not vulnerable to this issue. This issue only affects Junos OS releases based on FreeBSD 10 or higher (typically Junos OS 15.1+). Administrators can confirm whether systems are running a version of Junos OS based on FreeBSD 10 or higher by typing: user@junos> show version | match kernel JUNOS OS Kernel 64-bit [20181214.223829_fbsd-builder_stable_10] Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D236; 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8; 17.3 versions prior to 17.3R2; 17.4 versions prior to 17.4R1-S1, 17.4R1-S7, 17.4R2. This issue does not affect Junos OS releases prior to 15.1.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-9275
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.34% / 56.12%
||
7 Day CHG~0.00%
Published-04 Apr, 2018 | 18:00
Updated-17 Sep, 2024 | 04:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).

Action-Not Available
Vendor-yubicon/a
Product-yubico_pamn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-16710
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-07 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough.

Action-Not Available
Vendor-octoprintn/a
Product-octoprintn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-9788
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.1||CRITICAL
EPSS-51.66% / 97.81%
||
7 Day CHG~0.00%
Published-13 Jul, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.The Apache Software FoundationOracle CorporationApple Inc.NetApp, Inc.
Product-oncommand_unified_managerstorage_automation_storeenterprise_linux_desktopenterprise_linux_server_tusjboss_core_servicesenterprise_linux_workstationenterprise_linux_server_eusenterprise_linuxdebian_linuxenterprise_linux_serverenterprise_linux_server_aushttp_servermac_os_xsecure_global_desktopjboss_enterprise_application_platformjboss_enterprise_web_serverApache HTTP Server
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-4024
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 27.45%
||
7 Day CHG-0.00%
Published-23 Dec, 2021 | 19:48
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.

Action-Not Available
Vendor-podman_projectn/aRed Hat, Inc.Fedora Project
Product-podmanfedoraenterprise_linuxpodman
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-346
Origin Validation Error
CVE-2021-30284
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.17%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:16
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwarewcn3950_firmwareqca6595au_firmwaremsm8917mdm8215sd_675_firmwaremdm8615m_firmwaremsm8108wcn3998msm8108_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresm6375_firmwarewcn3660bsd450_firmwaresd460_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwaresdx12_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresdx20mqca9367_firmwaremdm8207qca4004_firmwaresd662_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340sdm830_firmwaremdm9625_firmwaresd765gwcn6851msm8937msm8209_firmwaremdm9250_firmwarewcd9341sd750gsd870_firmwaremdm8215_firmwarewcn3910_firmwaremdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaremsm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640sm6375wcn3991wcd9380_firmwarewcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574wcd9380mdm9230sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaremdm9215_firmwarewcn3660b_firmwaresd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn6851_firmwaresd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwaresd480sd870wcn6855sd210_firmwareapq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439qet4101qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sm7250_firmwaremdm9628_firmwaremdm9650sd_636mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwareqca6174_firmwaresd690_5gsd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwaresd662apq8037qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3610_firmwaremdm9207qca6564au_firmwareqca6584ausd778gqca6310msm8208wcd9306sm6225qcs6490sd429qca9367sd821mdm9607_firmwaresdm630msm8976sgwcn3988_firmwaresd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca6174a_firmwarewcd9385mdm8615mqcs6490_firmwaremdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaremsm8953_firmwareqca6694aumsm8917_firmwaresd210wcn3620_firmwaresd820qcm6490sd888_5g_firmwarewsa8835_firmwarewcn3620wcn6850_firmwarewsa8815_firmwareapq8017csr6030_firmwarear6003qca6564amdm9630_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750mdm9615mdm9205qca6574_firmwaresd855sm4125_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209apq8009qca6391sd460mdm9310aqt1000_firmwaremsm8920qcm6490_firmwaresdx50msd480_firmwaremsm8920_firmwaremdm9215sm6225_firmwareqca6574aumdm8215m_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwarewsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740msm8608_firmwaresdw2500msm8940apq8096au_firmwaremdm9615_firmwareapq8037_firmwaresdm830sd720g_firmwaresdx12mdm9330sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-13188
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.1||CRITICAL
EPSS-0.13% / 33.79%
||
7 Day CHG~0.00%
Published-12 Jan, 2018 | 23:00
Updated-16 Sep, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found