Multiple vulnerabilities in GE MDS PulseNET and MDS PulseNET Enterprise
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-10611 CVE-2018-10613 CVE-2018-10615 |
| CWE-ID | CWE-287 CWE-611 CWE-23 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
MDS PulseNET Enterprise Web applications / Remote management & hosting panels GE MDS PulseNET Web applications / Remote management & hosting panels |
| Vendor | GE |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper authentication
EUVDB-ID: #VU13122
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-10611
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication on the target system.
The vulnerability exists due to an error in Java Remote Method Invocation (RMI) input port. A remote unauthenticated attacker can bypass authentication and launch applications to support remote code execution through Web Services.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsMDS PulseNET Enterprise: All versions
GE MDS PulseNET: All versions
CPE2.3 External linkshttps://ics-cert.us-cert.gov/advisories/ICSA-18-151-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) XXE attack
EUVDB-ID: #VU13123
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10613
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to perform XXE attack on the target system.
The weakness exists due to insufficient validation for external entities. A remote attacker can supply data containing an XML external entities, perform multiple variants of XXE attacks and exfiltrate data from the host Windows platform.
Install update from vendor's website.
Vulnerable software versionsMDS PulseNET Enterprise: All versions
GE MDS PulseNET: All versions
CPE2.3 External linkshttps://ics-cert.us-cert.gov/advisories/ICSA-18-151-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Path traversal
EUVDB-ID: #VU13124
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10615
CWE-ID:
CWE-23 - Relative Path Traversal
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists due to path traversal. A remote attacker perform directory traversal attack and exfiltrate or delete data on the host platform.
Install update from vendor's website.
Vulnerable software versionsMDS PulseNET Enterprise: All versions
GE MDS PulseNET: All versions
CPE2.3 External linkshttps://ics-cert.us-cert.gov/advisories/ICSA-18-151-02
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
