CVE-2018-10611

GE MDS PulseNET Account Java RMI Incorrect Privilege Assignment Remote Code Execution Vulnerability

  • Severity Score (CVSS v3): 9.8
  • Exploit Likelihood (EPSS)
  • Affected Versions (CPE)
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the configuration of the Remote Method Invocation interface. The interface is not sufficiently protected from low-privileged users. An attacker can leverage this vulnerability to execute code under the context of the service.

*Credits: rgod
CVSS Scores

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: Single
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2018-05-01 CVE Reserved
  • 2018-06-04 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-287: Improper Authentication
Affected Vendors, Products, and Versions
Vendor   Product        Version    Other        Status
Ge       Mds Pulsenet   <= 3.2.1   -            Affected
Ge       Mds Pulsenet   <= 3.2.1   enterprise   Affected