Vulnerability Details : CVE-2018-4845

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products). Remote attackers with either local or remote credentialed access to the "Remote View" feature might be able to elevate their privileges, compromising confidentiality, integrity, and availability of the system. No special skills or user interaction are required to perform this attack. At the time of advisory publication, no public exploitation of this security vulnerability is known. Siemens Healthineers confirms the security vulnerability and provides mitigations to resolve the security issue.

Vulnerability category: BypassGain privilege

Published 2018-06-26 18:29:01

Updated 2023-03-24 17:32:06

Source Siemens AG

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2018-4845

Probability of exploitation activity in the next 30 days: 0.30%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-4845

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	[email protected]
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-4845

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Assigned by: [email protected] (Primary)
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: [email protected] (Secondary)

References for CVE-2018-4845

https://cert-portal.siemens.com/productcert/pdf/ssa-755010.pdf

Third Party Advisory

CVEs referencing this url

Products affected by CVE-2018-4845

Siemens » Rapidpoint 400 Firmware » Version: N/A
cpe:2.3:o:siemens:rapidpoint_400_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Rapidpoint 400 » Version: N/A
Siemens » Rapidpoint 500 Firmware
Versions up to, including, (<=) 2.3
cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Rapidpoint 500 » Version: N/A
Siemens » Rapidpoint 500 Firmware
Versions from including (>=) 3.0
cpe:2.3:o:siemens:rapidpoint_500_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Rapidpoint 500 » Version: N/A
Siemens » Rapidlab 1200 Firmware
Versions before (<) 3.3
cpe:2.3:o:siemens:rapidlab_1200_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Siemens » Rapidlab 1200 » Version: N/A