ID

VAR-201902-0639


CVE

CVE-2018-19000


TITLE

LCDS LAquis SCADA Authentication Bypass Vulnerability

Trust: 0.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // CNVD: CNVD-2019-02390

DESCRIPTION

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. LCDS Laquis SCADA Contains an authentication vulnerability.Information may be obtained. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of URIs by the product's web server. A crafted URI can cause the web service to bypass authentication that should be required for the web page. An attacker can leverage this vulnerability to access system information. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. LCDS LAquis SCADA is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary code, perform unauthorized actions or gain access to sensitive information that may aid in further attacks. Failed attempts will likely cause a denial-of-service condition. LCDS LAquis SCADA version 4.1.0.3870 is vulnerable; other versions may also be affected

Trust: 3.24

sources: NVD: CVE-2018-19000 // JVNDB: JVNDB-2018-013083 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // IVD: 7d854241-463f-11e9-b348-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // CNVD: CNVD-2019-02390

AFFECTED PRODUCTS

vendor:lcdsmodel:laquis scadascope:ltversion:4.1.0.4150

Trust: 1.8

vendor:laquis scadamodel:softwarescope: - version: -

Trust: 0.7

vendor:lcdsmodel:le\303\243o consultoria e desenvolvimento de sistemas ltda me laquis scadascope:eqversion:-4.1.0.3870

Trust: 0.6

vendor:lcdsmodel:leão consultoria e desenvolvimento de sistemas ltda me laquis scadascope:eqversion:-4.1.0.3870

Trust: 0.3

vendor:lcdsmodel:leão consultoria e desenvolvimento de sistemas ltda me laquis scadascope:neversion:-4.1.0.4150

Trust: 0.3

vendor:laquis scadamodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // NVD: CVE-2018-19000

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-19000
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-19000
value: MEDIUM

Trust: 0.8

ZDI: CVE-2018-19000
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2019-02390
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201901-520
value: MEDIUM

Trust: 0.6

IVD: 7d854241-463f-11e9-b348-000c29342cb1
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2018-19000
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

CNVD: CNVD-2019-02390
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d854241-463f-11e9-b348-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-19000
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.8

problemtype:CWE-288

Trust: 1.0

sources: JVNDB: JVNDB-2018-013083 // NVD: CVE-2018-19000

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-520

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201901-520

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013083

PATCH

title:Top Pageurl:https://laquisscada.com

Trust: 0.8

title:LAquis SCADA has issued an update to correct this vulnerability.url:https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01

Trust: 0.7

title:LCDS LAquis SCADA authentication bypass vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/150969

Trust: 0.6

title:LCDS LAquis SCADA Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88644

Trust: 0.6

sources: ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520

EXTERNAL IDS

db:NVDid:CVE-2018-19000

Trust: 4.2

db:ICS CERTid:ICSA-19-015-01

Trust: 2.7

db:BIDid:106634

Trust: 1.9

db:CNVDid:CNVD-2019-02390

Trust: 0.8

db:CNNVDid:CNNVD-201901-520

Trust: 0.8

db:JVNDBid:JVNDB-2018-013083

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-7074

Trust: 0.7

db:ZDIid:ZDI-19-068

Trust: 0.7

db:ICS CERTid:ICSA-19-015-01T

Trust: 0.6

db:IVDid:7D854241-463F-11E9-B348-000C29342CB1

Trust: 0.2

sources: IVD: 7d854241-463f-11e9-b348-000c29342cb1 // ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-19-015-01

Trust: 3.4

url:http://www.securityfocus.com/bid/106634

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-19000

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19000

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-19-015-01third party advisoryus government resource

Trust: 0.6

url:http://www.securityfocus.com/bid/106634third party advisoryvdb entry

Trust: 0.6

url:https://laquisscada.com/

Trust: 0.3

sources: ZDI: ZDI-19-068 // CNVD: CNVD-2019-02390 // BID: 106634 // JVNDB: JVNDB-2018-013083 // CNNVD: CNNVD-201901-520 // NVD: CVE-2018-19000

CREDITS

Esteban Ruiz (mr_me) of Source Incite

Trust: 0.7

sources: ZDI: ZDI-19-068

SOURCES

db:IVDid:7d854241-463f-11e9-b348-000c29342cb1
db:ZDIid:ZDI-19-068
db:CNVDid:CNVD-2019-02390
db:BIDid:106634
db:JVNDBid:JVNDB-2018-013083
db:CNNVDid:CNNVD-201901-520
db:NVDid:CVE-2018-19000

LAST UPDATE DATE

2024-08-14T13:26:57.839000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-19-068date:2019-01-19T00:00:00
db:CNVDid:CNVD-2019-02390date:2019-01-22T00:00:00
db:BIDid:106634date:2019-01-15T00:00:00
db:JVNDBid:JVNDB-2018-013083date:2019-02-14T00:00:00
db:CNNVDid:CNNVD-201901-520date:2019-10-17T00:00:00
db:NVDid:CVE-2018-19000date:2019-10-09T23:37:34.537

SOURCES RELEASE DATE

db:IVDid:7d854241-463f-11e9-b348-000c29342cb1date:2019-01-22T00:00:00
db:ZDIid:ZDI-19-068date:2019-01-19T00:00:00
db:CNVDid:CNVD-2019-02390date:2019-01-22T00:00:00
db:BIDid:106634date:2019-01-15T00:00:00
db:JVNDBid:JVNDB-2018-013083date:2019-02-14T00:00:00
db:CNNVDid:CNNVD-201901-520date:2019-01-16T00:00:00
db:NVDid:CVE-2018-19000date:2019-02-05T18:29:00.743