A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2019-316-02 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
History
03 Feb 2022, 15:20
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:se:140_noc_77101_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:tsx_ety_x103_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:bmx_noe_0100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:bmx_noe_0110_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:140_noe_771x1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:bmx_noc_0401_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:140_cpu6x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:tsx_p57x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:140_noc_78x00_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:se:bmx_noe_0100:-:*:*:*:*:*:*:* |
cpe:2.3:o:schneider-electric:140_noe_771x1_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140_cpu6x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsx_p57x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140_noc_78x00_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmx_noe_0100:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmx_noe_0110_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmx_noe_0100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmx_noc_0401_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:tsx_ety_x103_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:140_noc_77101_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmx_p34x_firmware:*:*:*:*:*:*:*:* |
First Time |
Schneider-electric bmx Noe 0110 Firmware
Schneider-electric 140 Cpu6x Firmware Schneider-electric 140 Noc 77101 Firmware Schneider-electric bmx Noe 0100 Firmware Schneider-electric tsx P57x Firmware Schneider-electric bmx Noc 0401 Firmware Schneider-electric 140 Noc 78x00 Firmware Schneider-electric bmx Noe 0100 Schneider-electric bmx P34x Firmware Schneider-electric tsx Ety X103 Firmware Schneider-electric 140 Noe 771x1 Firmware |
31 Jan 2022, 19:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric 140 Cpu6x
Schneider-electric bmx Noe 0110 Schneider-electric tsx Ety X103 Schneider-electric bmx Noc 0401 Schneider-electric tsx P57x Schneider-electric 140 Noc 77101 Schneider-electric 140 Noe 771x1 Schneider-electric bmx P34x Schneider-electric 140 Noc 78x00 Schneider-electric |
|
CPE | cpe:2.3:h:se:140_noc_78x00:-:*:*:*:*:*:*:* cpe:2.3:h:se:140_noc_77101:-:*:*:*:*:*:*:* cpe:2.3:h:se:bmx_noe_0110:-:*:*:*:*:*:*:* cpe:2.3:h:se:tsx_ety_x103:-:*:*:*:*:*:*:* cpe:2.3:h:se:bmx_p34x:-:*:*:*:*:*:*:* cpe:2.3:h:se:140_cpu6x:-:*:*:*:*:*:*:* cpe:2.3:h:se:140_noe_771x1:-:*:*:*:*:*:*:* cpe:2.3:h:se:tsx_p57x:-:*:*:*:*:*:*:* |
cpe:2.3:h:schneider-electric:140_noe_771x1:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140_noc_77101:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140_noc_78x00:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmx_p34x:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmx_noe_0110:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmx_noc_0401:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsx_p57x:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:140_cpu6x:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:tsx_ety_x103:-:*:*:*:*:*:*:* |
Information
Published : 2020-04-22 19:15
Updated : 2023-12-10 13:27
NVD link : CVE-2019-6859
Mitre link : CVE-2019-6859
CVE.ORG link : CVE-2019-6859
JSON object : View
Products Affected
schneider-electric
- 140_noc_77101
- bmx_noc_0401
- 140_noc_77101_firmware
- bmx_noe_0110
- 140_noe_771x1_firmware
- 140_noe_771x1
- bmx_p34x
- 140_cpu6x
- bmx_noc_0401_firmware
- tsx_ety_x103_firmware
- bmx_noe_0100_firmware
- bmx_p34x_firmware
- tsx_p57x
- bmx_noe_0100
- 140_noc_78x00_firmware
- 140_cpu6x_firmware
- tsx_ety_x103
- 140_noc_78x00
- tsx_p57x_firmware
- bmx_noe_0110_firmware
CWE
CWE-798
Use of Hard-coded Credentials