Details of VAR-201902-0639

ID

VAR-201902-0639

CVE

CVE-2018-19000

TITLE

LCDS LAquis SCADA Authentication Bypass Vulnerability

Trust: 0.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // CNVD: CNVD-2019-02390

DESCRIPTION

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. LCDS Laquis SCADA Contains an authentication vulnerability.Information may be obtained. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of URIs by the product's web server. A crafted URI can cause the web service to bypass authentication that should be required for the web page. An attacker can leverage this vulnerability to access system information. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. LCDS LAquis SCADA is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, perform unauthorized actions or gain access to sensitive information that may aid in further attacks. Failed attempts will likely cause a denial-of-service condition. LCDS LAquis SCADA version 4.1.0.3870 is vulnerable; other versions may also be affected

Trust: 3.24

sources: NVD: CVE-2018-19000 // JVNDB: JVNDB-2018-013083 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // IVD: 7d854241-463f-11e9-b348-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // CNVD: CNVD-2019-02390

AFFECTED PRODUCTS

vendor:	lcds	model:	laquis scada	scope:	lt	version:	4.1.0.4150	Trust: 1.8
vendor:	laquis scada	model:	software	scope:	-	version:	-	Trust: 0.7
vendor:	lcds	model:	le\303\243o consultoria e desenvolvimento de sistemas ltda me laquis scada	scope:	eq	version:	-4.1.0.3870	Trust: 0.6
vendor:	lcds	model:	leão consultoria e desenvolvimento de sistemas ltda me laquis scada	scope:	eq	version:	-4.1.0.3870	Trust: 0.3
vendor:	lcds	model:	leão consultoria e desenvolvimento de sistemas ltda me laquis scada	scope:	ne	version:	-4.1.0.4150	Trust: 0.3
vendor:	laquis scada	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // NVD: CVE-2018-19000

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-19000
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-19000
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2018-19000
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2019-02390
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201901-520
value:	MEDIUM
Trust: 0.6
IVD:	7d854241-463f-11e9-b348-000c29342cb1
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2018-19000
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
CNVD:	CNVD-2019-02390
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d854241-463f-11e9-b348-000c29342cb1
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-19000
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.8
problemtype:	CWE-288	Trust: 1.0

sources: JVNDB: JVNDB-2018-013083 // NVD: CVE-2018-19000

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-520

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201901-520

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013083

PATCH

title:	Top Page	url:	https://laquisscada.com	Trust: 0.8
title:	LAquis SCADA has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01	Trust: 0.7
title:	LCDS LAquis SCADA authentication bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/150969	Trust: 0.6
title:	LCDS LAquis SCADA Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88644	Trust: 0.6

sources: ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520

EXTERNAL IDS

db:	NVD	id:	CVE-2018-19000	Trust: 4.2
db:	ICS CERT	id:	ICSA-19-015-01	Trust: 2.7
db:	BID	id:	106634	Trust: 1.9
db:	CNVD	id:	CNVD-2019-02390	Trust: 0.8
db:	CNNVD	id:	CNNVD-201901-520	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-013083	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-7074	Trust: 0.7
db:	ZDI	id:	ZDI-19-068	Trust: 0.7
db:	ICS CERT	id:	ICSA-19-015-01T	Trust: 0.6
db:	IVD	id:	7D854241-463F-11E9-B348-000C29342CB1	Trust: 0.2

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-015-01	Trust: 3.4
url:	http://www.securityfocus.com/bid/106634	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19000	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19000	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-19-015-01third party advisoryus government resource	Trust: 0.6
url:	http://www.securityfocus.com/bid/106634third party advisoryvdb entry	Trust: 0.6
url:	https://laquisscada.com/	Trust: 0.3

sources: ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

CREDITS

Esteban Ruiz (mr_me) of Source Incite

Trust: 0.7

sources: ZDI: ZDI-19-068

SOURCES

db:	IVD	id:	7d854241-463f-11e9-b348-000c29342cb1
db:	ZDI	id:	ZDI-19-068
db:	CNVD	id:	CNVD-2019-02390
db:	BID	id:	106634
db:	JVNDB	id:	JVNDB-2018-013083
db:	CNNVD	id:	CNNVD-201901-520
db:	NVD	id:	CVE-2018-19000

LAST UPDATE DATE

2024-08-14T13:26:57.839000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-19-068	date:	2019-01-19T00:00:00
db:	CNVD	id:	CNVD-2019-02390	date:	2019-01-22T00:00:00
db:	BID	id:	106634	date:	2019-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2018-013083	date:	2019-02-14T00:00:00
db:	CNNVD	id:	CNNVD-201901-520	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-19000	date:	2019-10-09T23:37:34.537

SOURCES RELEASE DATE

db:	IVD	id:	7d854241-463f-11e9-b348-000c29342cb1	date:	2019-01-22T00:00:00
db:	ZDI	id:	ZDI-19-068	date:	2019-01-19T00:00:00
db:	CNVD	id:	CNVD-2019-02390	date:	2019-01-22T00:00:00
db:	BID	id:	106634	date:	2019-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2018-013083	date:	2019-02-14T00:00:00
db:	CNNVD	id:	CNNVD-201901-520	date:	2019-01-16T00:00:00
db:	NVD	id:	CVE-2018-19000	date:	2019-02-05T18:29:00.743