Details of VAR-201904-0314

ID

VAR-201904-0314

CVE

CVE-2019-3915

TITLE

Verizon Fios Quantum Gateway Firmware authentication vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-003349

DESCRIPTION

Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface. Verizon Fios Quantum Gateway (G1100) There are authentication vulnerabilities in the firmware.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Verizon Wireless FiosQuantumGateway (G1100) is a wireless router from Verizon Wireless. An authorization issue vulnerability exists in VerizonFiosQuantumGateway (G1100) with firmware version 02.01.00.05, which is due to lack of authentication or insufficient authentication strength in the network system or product. Verizon Fios Quantum Gateway is prone to a command-injection vulnerability. An attacker can exploit this issue to execute arbitrary commands with root privileges ; this may aid in further attacks

Trust: 2.52

sources: NVD: CVE-2019-3915 // JVNDB: JVNDB-2019-003349 // CNVD: CNVD-2019-24767 // BID: 107883 // VULHUB: VHN-155350

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-24767

AFFECTED PRODUCTS

vendor:	verizon	model:	fios quantum gateway g1100	scope:	eq	version:	02.01.00.05	Trust: 1.8
vendor:	verizon	model:	wireless fios quantum gateway	scope:	eq	version:	02.01.00.05	Trust: 0.6
vendor:	verizon	model:	fios quantum gateway	scope:	eq	version:	02.01.00.05	Trust: 0.3
vendor:	verizon	model:	fios quantum gateway	scope:	ne	version:	02.02.00.13	Trust: 0.3

sources: CNVD: CNVD-2019-24767 // BID: 107883 // JVNDB: JVNDB-2019-003349 // NVD: CVE-2019-3915

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-3915
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-3915
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-24767
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201904-582
value:	HIGH
Trust: 0.6
VULHUB:	VHN-155350
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-3915
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2019-24767
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-155350
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-3915
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-24767 // VULHUB: VHN-155350 // JVNDB: JVNDB-2019-003349 // CNNVD: CNNVD-201904-582 // NVD: CVE-2019-3915

PROBLEMTYPE DATA

problemtype:	CWE-294	Trust: 1.1
problemtype:	CWE-287	Trust: 0.9

sources: VULHUB: VHN-155350 // JVNDB: JVNDB-2019-003349 // NVD: CVE-2019-3915

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201904-582

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201904-582

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/o:verizon:fios_quantum_gateway_g1100_firmware"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2019-003349

PATCH

title:	Fios Quantum Gateway	url:	https://www.verizon.com/home/accessories/fios-quantum-gateway/	Trust: 0.8
title:	Patch for VerizonWirelessFiosQuantumGateway (G1100) Authorization Issue Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/171863	Trust: 0.6
title:	Verizon Wireless Fios Quantum Gateway ( G1100 ) Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91394	Trust: 0.6

sources: CNVD: CNVD-2019-24767 // JVNDB: JVNDB-2019-003349 // CNNVD: CNNVD-201904-582

EXTERNAL IDS

db:	NVD	id:	CVE-2019-3915	Trust: 3.4
db:	TENABLE	id:	TRA-2019-17	Trust: 2.5
db:	BID	id:	107883	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-003349	Trust: 0.8
db:	CNNVD	id:	CNNVD-201904-582	Trust: 0.7
db:	CNVD	id:	CNVD-2019-24767	Trust: 0.6
db:	VULHUB	id:	VHN-155350	Trust: 0.1

sources: CNVD: CNVD-2019-24767 // VULHUB: VHN-155350 // BID: 107883 // JVNDB: JVNDB-2019-003349 // CNNVD: CNNVD-201904-582 // NVD: CVE-2019-3915

REFERENCES

url:	https://www.tenable.com/security/research/tra-2019-17	Trust: 2.5
url:	http://www.securityfocus.com/bid/107883	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3915	Trust: 2.0
url:	https://medium.com/tenable-techblog/verizon-fios-router-authenticated-command-injection-f6d2ddec30fd	Trust: 0.9
url:	http://www.verizonwireless.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3915	Trust: 0.8

sources: CNVD: CNVD-2019-24767 // VULHUB: VHN-155350 // BID: 107883 // JVNDB: JVNDB-2019-003349 // CNNVD: CNNVD-201904-582 // NVD: CVE-2019-3915

CREDITS

Chris Lyne

Trust: 0.9

sources: BID: 107883 // CNNVD: CNNVD-201904-582

SOURCES

db:	CNVD	id:	CNVD-2019-24767
db:	VULHUB	id:	VHN-155350
db:	BID	id:	107883
db:	JVNDB	id:	JVNDB-2019-003349
db:	CNNVD	id:	CNNVD-201904-582
db:	NVD	id:	CVE-2019-3915

LAST UPDATE DATE

2024-11-23T22:33:57.041000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-24767	date:	2019-07-29T00:00:00
db:	VULHUB	id:	VHN-155350	date:	2020-08-24T00:00:00
db:	BID	id:	107883	date:	2019-04-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-003349	date:	2019-05-15T00:00:00
db:	CNNVD	id:	CNNVD-201904-582	date:	2020-08-25T00:00:00
db:	NVD	id:	CVE-2019-3915	date:	2024-11-21T04:42:51.373

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-24767	date:	2019-07-26T00:00:00
db:	VULHUB	id:	VHN-155350	date:	2019-04-11T00:00:00
db:	BID	id:	107883	date:	2019-04-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-003349	date:	2019-05-15T00:00:00
db:	CNNVD	id:	CNNVD-201904-582	date:	2019-04-11T00:00:00
db:	NVD	id:	CVE-2019-3915	date:	2019-04-11T14:29:00.390