CVE-2018-10611
Summary
| CVE | CVE-2018-10611 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-04 14:29:00 UTC |
| Updated | 2019-10-09 23:32:00 UTC |
| Description | Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. |
Risk And Classification
Problem Types: CWE-287
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ge | Mds Pulsenet | All | All | All | All |
| Application | Ge | Mds Pulsenet | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GE MDS PulseNET and MDS PulseNET Enterprise | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Multiple GE MDS PulseNET Products Multiple Security vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Grid Passport Login : GE Grid Solutions | CONFIRM | www.gegridsolutions.com | Permissions Required |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.