ID

VAR-201905-0726


CVE

CVE-2018-13992


TITLE

plural PHOENIX CONTACT FL SWITCH Vulnerabilities related to certificate and password management in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-015395

DESCRIPTION

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. plural PHOENIX CONTACT FL SWITCH The product contains vulnerabilities related to certificate and password management.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHOENIX CONTACT FL SWITCH Series are prone to the following security vulnerabilities: 1. A cross-site request-forgery vulnerability. 2. An authentication-bypass vulnerability. 3. Multiple information-disclosure vulnerabilities. 4. A denial-of-service vulnerability. Attackers can exploit these issues to bypass the authentication process, obtain sensitive information, and perform unauthorized actions. Failed exploit attempts will likely cause a denial-of-service condition

Trust: 1.98

sources: NVD: CVE-2018-13992 // JVNDB: JVNDB-2018-015395 // BID: 106737 // VULMON: CVE-2018-13992

AFFECTED PRODUCTS

vendor:phoenixcontactmodel:fl switch 3005scope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fxscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4012t 2gt 2fxscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4800e-24fx-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4800e-24fx-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3004t-fxscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016tscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3012e-2sfxscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fxscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4000t-8poe-2sfp-rscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3004t-fxscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx st-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx lc-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx st-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx lc-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3004t-fx stscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016tscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3012e-2fx smscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3012e-2fx smscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3008tscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3008scope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2gt-4fx smscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3008scope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2gt-4fx smscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3008tscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4000t-8poe-2sfp-rscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4012t-2gt-2fx stscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fx stscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4824e-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4824e-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2sfpscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3005scope:gtversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016scope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4012t-2gt-2fx stscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016escope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016escope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2sfpscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3005tscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fx smscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3016scope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fx smscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4012t 2gt 2fxscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3006t-2fx stscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4800e-24fx sm-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3005tscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2gt-3fx smscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm st-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm lc-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm lc-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4008t-2gt-3fx smscope:gteversion:1.0

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4800e-24fx sm-4gcscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3004t-fx stscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 3012e-2sfxscope:lteversion:1.34

Trust: 1.0

vendor:phoenixcontactmodel:fl switch 4808e-16fx sm st-4gcscope:gteversion:1.0

Trust: 1.0

vendor:phoenix contactmodel:fl switch 3004t-fx stscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3004t-fxscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3005scope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3005tscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3006t-2fx stscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3006t-2fxscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3008scope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3008tscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3012e-2sfxscope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenix contactmodel:fl switch 3016escope:eqversion:1.0 to 1.34

Trust: 0.8

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:4xxx1.32

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:4xxx1.0

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:48xx1.32

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:48xx1.0

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:3xxx1.32

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:eqversion:3xxx1.0

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:neversion:4xxx1.35

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:neversion:48xx1.35

Trust: 0.3

vendor:phoenixmodel:contact fl switch seriesscope:neversion:3xxx1.35

Trust: 0.3

sources: BID: 106737 // JVNDB: JVNDB-2018-015395 // NVD: CVE-2018-13992

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-13992
value: CRITICAL

Trust: 1.0

cve@mitre.org: CVE-2018-13992
value: HIGH

Trust: 1.0

NVD: CVE-2018-13992
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201901-893
value: CRITICAL

Trust: 0.6

VULMON: CVE-2018-13992
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-13992
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2018-13992
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

cve@mitre.org: CVE-2018-13992
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.2
version: 3.0

Trust: 1.0

sources: VULMON: CVE-2018-13992 // JVNDB: JVNDB-2018-015395 // CNNVD: CNNVD-201901-893 // NVD: CVE-2018-13992 // NVD: CVE-2018-13992

PROBLEMTYPE DATA

problemtype:CWE-311

Trust: 1.0

problemtype:CWE-255

Trust: 0.8

sources: JVNDB: JVNDB-2018-015395 // NVD: CVE-2018-13992

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-893

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201901-893

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015395

PATCH

title:Top Pageurl:https://www.phoenixcontact.com/online/portal/pc

Trust: 0.8

title:The Registerurl:https://www.theregister.co.uk/2019/02/11/phoenix_switch_flaws/

Trust: 0.2

sources: VULMON: CVE-2018-13992 // JVNDB: JVNDB-2018-015395

EXTERNAL IDS

db:ICS CERTid:ICSA-19-024-02

Trust: 2.8

db:NVDid:CVE-2018-13992

Trust: 2.8

db:BIDid:106737

Trust: 2.0

db:JVNDBid:JVNDB-2018-015395

Trust: 0.8

db:CNNVDid:CNNVD-201901-893

Trust: 0.6

db:VULMONid:CVE-2018-13992

Trust: 0.1

sources: VULMON: CVE-2018-13992 // BID: 106737 // JVNDB: JVNDB-2018-015395 // CNNVD: CNNVD-201901-893 // NVD: CVE-2018-13992

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-19-024-02

Trust: 2.9

url:http://www.securityfocus.com/bid/106737

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-13992

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13992

Trust: 0.8

url:https://www.phoenixcontact.com/online/portal/pc

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/311.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2018-13992 // BID: 106737 // JVNDB: JVNDB-2018-015395 // CNNVD: CNNVD-201901-893 // NVD: CVE-2018-13992

CREDITS

working with Evgeniy Druzhinin,Phoenix Contact, Ilya Karpov, and Georgy Zaytsev of Positive Technologies.

Trust: 0.6

sources: CNNVD: CNNVD-201901-893

SOURCES

db:VULMONid:CVE-2018-13992
db:BIDid:106737
db:JVNDBid:JVNDB-2018-015395
db:CNNVDid:CNNVD-201901-893
db:NVDid:CVE-2018-13992

LAST UPDATE DATE

2024-08-14T12:55:35.872000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2018-13992date:2020-08-24T00:00:00
db:BIDid:106737date:2019-01-24T00:00:00
db:JVNDBid:JVNDB-2018-015395date:2019-06-03T00:00:00
db:CNNVDid:CNNVD-201901-893date:2020-08-25T00:00:00
db:NVDid:CVE-2018-13992date:2020-08-24T17:37:01.140

SOURCES RELEASE DATE

db:VULMONid:CVE-2018-13992date:2019-05-07T00:00:00
db:BIDid:106737date:2019-01-24T00:00:00
db:JVNDBid:JVNDB-2018-015395date:2019-06-03T00:00:00
db:CNNVDid:CNNVD-201901-893date:2019-01-25T00:00:00
db:NVDid:CVE-2018-13992date:2019-05-07T18:29:00.393