CVE-2024-6071 - OpenCVE

PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02
https://www.ptc.com/en/support/article/CS417607

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-06-27T23:05:03.183Z

Updated: 2024-08-01T21:25:03.240Z

Reserved: 2024-06-17T15:17:28.397Z

Link: CVE-2024-6071

Vulnrichment

Updated: 2024-08-01T21:25:03.240Z

NVD

Status : Awaiting Analysis

Published: 2024-06-27T23:15:50.470

Modified: 2024-06-28T10:27:00.920

Link: CVE-2024-6071

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6071", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2024-06-17T15:17:28.397Z", "datePublished": "2024-06-27T23:05:03.183Z", "dateUpdated": "2024-08-01T21:25:03.240Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Creo Elements/Direct License", "vendor": "PTC", "versions": [{"lessThanOrEqual": "20.7.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Thomas Riedmaier of Siemens Energy reported this vulnerability to PTC."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.</span><br>"}], "value": "PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-06-27T23:05:03.183Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02"}, {"url": "https://www.ptc.com/en/support/article/CS417607"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<p>PTC recommends that users upgrade to Creo Elements/Direct License Server 20.7.0.1 or higher version:</p><ul><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CDR\">Creo Elements/Direct Drafting</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CMM\">Creo Elements/Direct Model/Drawing Mgr</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CML\">Creo Elements/Direct Modeling</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CWM\">Creo Elements/Direct WorkManager</a></li></ul><p>If additional questions remain, please contact <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log?\">PTC Technical Support.</a></p><p>For more information, see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS417607\">PTC's CS article</a>.</p>\n\n"}], "value": "PTC recommends that users upgrade to Creo Elements/Direct License Server 20.7.0.1 or higher version:\n\n * Creo Elements/Direct Drafting https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct Model/Drawing Mgr https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct Modeling https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct WorkManager https://support.ptc.com/appserver/auth/it/esd/product.jsp \n\n\nIf additional questions remain, please contact PTC Technical Support. https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log \n\nFor more information, see PTC's CS article https://www.ptc.com/en/support/article/CS417607 ."}], "source": {"advisory": "ICSA-24-177-02", "discovery": "EXTERNAL"}, "title": "PTC Creo Elements/Direct License Server Missing Authorization", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "creo", "product": "creo_elements\\/direct_license", "cpes": ["cpe:2.3:a:creo:creo_elements\\/direct_license:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "20.7.0.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T15:22:36.234542Z", "id": "CVE-2024-6071", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T15:26:22.615Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.240Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02", "tags": ["x_transferred"]}, {"url": "https://www.ptc.com/en/support/article/CS417607", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02", "tags": ["x_transferred"]}, {"url": "https://www.ptc.com/en/support/article/CS417607", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.240Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6071", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-28T15:22:36.234542Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:creo:creo_elements\\/direct_license:0:*:*:*:*:*:*:*"], "vendor": "creo", "product": "creo_elements\\/direct_license", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "20.7.0.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T15:26:16.536Z"}}], "cna": {"title": "PTC Creo Elements/Direct License Server Missing Authorization", "source": {"advisory": "ICSA-24-177-02", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Thomas Riedmaier of Siemens Energy reported this vulnerability to PTC."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 10, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 10, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "PTC", "product": "Creo Elements/Direct License", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "20.7.0.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "PTC recommends that users upgrade to Creo Elements/Direct License Server 20.7.0.1 or higher version:\n\n * Creo Elements/Direct Drafting https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct Model/Drawing Mgr https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct Modeling https://support.ptc.com/appserver/auth/it/esd/product.jsp \n * Creo Elements/Direct WorkManager https://support.ptc.com/appserver/auth/it/esd/product.jsp \n\n\nIf additional questions remain, please contact PTC Technical Support. https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log \n\nFor more information, see PTC's CS article https://www.ptc.com/en/support/article/CS417607 .", "supportingMedia": [{"type": "text/html", "value": "\n\n<p>PTC recommends that users upgrade to Creo Elements/Direct License Server 20.7.0.1 or higher version:</p><ul><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CDR\">Creo Elements/Direct Drafting</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CMM\">Creo Elements/Direct Model/Drawing Mgr</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CML\">Creo Elements/Direct Modeling</a></li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/appserver/auth/it/esd/product.jsp?prodFamily=CWM\">Creo Elements/Direct WorkManager</a></li></ul><p>If additional questions remain, please contact <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log?\">PTC Technical Support.</a></p><p>For more information, see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS417607\">PTC's CS article</a>.</p>\n\n", "base64": false}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02"}, {"url": "https://www.ptc.com/en/support/article/CS417607"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2024-06-27T23:05:03.183Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6071", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:25:03.240Z", "dateReserved": "2024-06-17T15:17:28.397Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2024-06-27T23:05:03.183Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "PTC Creo Elements/Direct License Server exposes a web interface which can be used by unauthenticated remote attackers to execute arbitrary OS commands on the server."}, {"lang": "es", "value": "PTC Creo Elements/Direct License Server expone una interfaz web que pueden utilizar atacantes remotos no autenticados para ejecutar comandos arbitrarios del sistema operativo en el servidor."}], "id": "CVE-2024-6071", "lastModified": "2024-06-28T10:27:00.920", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "HIGH", "subsequentSystemIntegrity": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2024-06-27T23:15:50.470", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-177-02"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.ptc.com/en/support/article/CS417607"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}