A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-105-02 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
03 Feb 2022, 16:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:se:modicon_m251_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:se:modicon_m241_firmware:*:*:*:*:*:*:*:* |
cpe:2.3:o:schneider-electric:modicon_m258_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m251_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m241_firmware:*:*:*:*:*:*:*:* |
First Time |
Schneider-electric modicon M251 Firmware
Schneider-electric modicon M241 Firmware Schneider-electric modicon M258 Firmware |
31 Jan 2022, 19:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:se:ecostruxure_machine_expert:*:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m251:-:*:*:*:*:*:*:* cpe:2.3:a:se:somachine_motion:*:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m258:-:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m218:-:*:*:*:*:*:*:* cpe:2.3:a:se:somachine:*:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m241:-:*:*:*:*:*:*:* |
cpe:2.3:a:schneider-electric:somachine_motion:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m241:-:*:*:*:*:*:*:* cpe:2.3:a:schneider-electric:ecostruxure_machine_expert:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m218_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m218:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m251:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m258:-:*:*:*:*:*:*:* cpe:2.3:a:schneider-electric:somachine:*:*:*:*:*:*:*:* |
First Time |
Schneider-electric ecostruxure Machine Expert
Schneider-electric somachine Motion Schneider-electric modicon M218 Firmware Schneider-electric modicon M258 Schneider-electric modicon M218 Schneider-electric modicon M251 Schneider-electric modicon M241 Schneider-electric somachine Schneider-electric |
Information
Published : 2020-04-22 19:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-7488
Mitre link : CVE-2020-7488
CVE.ORG link : CVE-2020-7488
JSON object : View
Products Affected
schneider-electric
- ecostruxure_machine_expert
- modicon_m218
- modicon_m241_firmware
- modicon_m251_firmware
- modicon_m241
- modicon_m251
- modicon_m258
- somachine
- somachine_motion
- modicon_m258_firmware
- modicon_m218_firmware
CWE
CWE-319
Cleartext Transmission of Sensitive Information