Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-7301

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 Feb, 2018 | 19:00
Updated At-05 Aug, 2024 | 06:24
Rejected At-
Credits

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 Feb, 2018 | 19:00
Updated At:05 Aug, 2024 | 06:24
Rejected At:
▼CVE Numbering Authority (CNA)

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://atomic111.github.io/article/homematic-ccu2-xml-rpc
x_refsource_MISC
Hyperlink: http://atomic111.github.io/article/homematic-ccu2-xml-rpc
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://atomic111.github.io/article/homematic-ccu2-xml-rpc
x_refsource_MISC
x_transferred
Hyperlink: http://atomic111.github.io/article/homematic-ccu2-xml-rpc
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:22 Feb, 2018 | 19:29
Updated At:18 Mar, 2018 | 14:18

eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. This can be exploited by sending arbitrary XML-RPC requests to control the attached BidCos devices.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
eq-3
eq-3
>>homematic_central_control_unit_ccu2_firmware>>2.29.22
cpe:2.3:o:eq-3:homematic_central_control_unit_ccu2_firmware:2.29.22:*:*:*:*:*:*:*
eq-3
eq-3
>>homematic_central_control_unit_ccu2>>-
cpe:2.3:h:eq-3:homematic_central_control_unit_ccu2:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Primarynvd@nist.gov
CWE ID: CWE-306
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://atomic111.github.io/article/homematic-ccu2-xml-rpccve@mitre.org
Third Party Advisory
Hyperlink: http://atomic111.github.io/article/homematic-ccu2-xml-rpc
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

204Records found
CVE-2020-7540
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.68%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 00:52
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.

Action-Not Available
Vendor-n/a
Product-140noc78100140cpu65150140noc78000_firmwaretsxp575634_firmware140noc78000bmxnoe0110_firmware140cpu65160_firmwaretsxp574634modicon_m340_bmxp3420102clmodicon_m340_bmxp3420302_firmwarebmxnor200h_firmware140noc78100_firmwaremodicon_m340_bmxp342000140cpu65160modicon_m340_bmxp3420302cl_firmwaremodicon_m340_bmxp341000140noe77111_firmwaremodicon_m340_bmxp342020_firmware140noc77101_firmwaremodicon_m340_bmxp3420102_firmware140noc77101bmxnoe0110140noe77101tsxety5103_firmwaremodicon_m340_bmxp3420102cl_firmwaretsxety5103tsxp574634_firmwarebmxnoc0401_firmware140noe77111modicon_m340_bmxp3420302clmodicon_m340_bmxp3420302140noe77101_firmwaremodicon_m340_bmxp342020bmxnoe0100_firmwaretsxp576634modicon_m340_bmxp341000_firmwaretsxety4103_firmwarebmxnor200htsxp576634_firmwarebmxnoc0401modicon_m340_bmxp342000_firmwarebmxnoe0100140cpu65150_firmwaremodicon_m340_bmxp3420102tsxety4103tsxp575634Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-6198
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.73%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 20:18
Updated-04 Aug, 2024 | 08:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check.

Action-Not Available
Vendor-SAP SE
Product-solution_managerSAP Solution Manager (Diagnostics Agent)
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2017-10804
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 74.48%
||
7 Day CHG~0.00%
Published-04 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, remote attackers can bypass authentication under certain circumstances because parameters containing 0x00 characters are truncated before reaching the database layer. This occurs because Psycopg 2.x before 2.6.3 is used.

Action-Not Available
Vendor-odoon/a
Product-odoon/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-36239
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-9.8||CRITICAL
EPSS-16.17% / 94.55%
||
7 Day CHG~0.00%
Published-29 Jul, 2021 | 10:12
Updated-17 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 exposed a Ehcache RMI network service which attackers, who can connect to the service, on port 40001 and potentially 40011[0][1], could execute arbitrary code of their choice in Jira through deserialization due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. [0] In Jira Data Center, Jira Core Data Center, and Jira Software Data Center versions prior to 7.13.1, the Ehcache object port can be randomly allocated. [1] In Jira Service Management Data Center versions prior to 3.16.1, the Ehcache object port can be randomly allocated.

Action-Not Available
Vendor-Atlassian
Product-jira_data_centerjira_service_deskjira_service_managementJira Core Data CenterJira Service Management Data CenterJira Data CenterJira Software Data Centerjira_data_centerjira_service_deskjira_service_management
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found