{"id": "CVE-2018-11629", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-06-02T13:29:00.230", "references": [{"url": "http://sadfud.me/explotos/CVE-2018-11629", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf", "source": "cve@mitre.org"}, {"url": "https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/", "tags": ["Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://sadfud.me/explotos/CVE-2018-11629", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.lutron.com/TechnicalDocumentLibrary/040249.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": 
"https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/", "tags": ["Mitigation", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine"}, {"lang": "es", "value": "** EN DISPUTA ** Las credenciales de soporte por defecto e inamovibles (usuario: lutron contrase\u00f1a: integration) permiten que los atacantes obtengan el control de super user total de un dispositivo IoT mediante una sesi\u00f3n TELNET en productos que emplean el protocolo de integraci\u00f3n HomeWorks QS Lutron de las revisiones M a Y. NOTA: El fabricante cuestiona que este ID no sea una vulnerabilidad porque lo que se puede hacer a trav\u00e9s de los puertos gira en torno al control de la iluminaci\u00f3n, no a la ejecuci\u00f3n del c\u00f3digo. Se enumera un cierto conjunto de comandos, que tienen cierta similitud con el c\u00f3digo, pero no son arbitrarios y no permiten el control a nivel de administrador de una m\u00e1quina."}], "lastModified": "2024-11-21T03:43:43.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lutron:stanza_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AB5848A-8331-4B38-8A52-D39E02EAF1AA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lutron:stanza:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "33CF0BDB-6C11-4BDF-BA24-F8E88A330FD9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lutron:radiora_2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43C6EF7F-4CF2-4424-A0BB-47E1C9750002"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lutron:radiora_2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4CD9186-5091-4B57-9A72-E289E06A7A58"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:lutron:homeworks_qs_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE9CE85D-A813-48CA-B195-E9B43341CCBD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:lutron:homeworks_qs:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A7913129-7017-4739-8561-68ACCF369086"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}