PT-2017-14533 · Phoenix Contact · Fl Comserver Uni 232/422/485+4
Publicado
2017-12-11
·
Atualizado
2018-01-02
·
CVE-2017-16723
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PHOENIX CONTACT FL COMSERVER BASIC 232/422/485 versions prior to 1.99
PHOENIX CONTACT FL COMSERVER UNI 232/422/485 versions prior to 1.99
PHOENIX CONTACT FL COMSERVER BAS 232/422/485-T versions prior to 1.99
PHOENIX CONTACT FL COMSERVER UNI 232/422/485-T versions prior to 1.99
PHOENIX CONTACT FL COM SERVER RS232 versions prior to 2.20
PHOENIX CONTACT FL COM SERVER RS485 versions prior to 2.20
PHOENIX CONTACT PSI-MODEM/ETH versions prior to 2.40
Description
A Cross-site Scripting issue was discovered, which may allow remote code execution.
Recommendations
For PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, update to version 1.99 or later.
For PHOENIX CONTACT FL COMSERVER UNI 232/422/485, update to version 1.99 or later.
For PHOENIX CONTACT FL COMSERVER BAS 232/422/485-T, update to version 1.99 or later.
For PHOENIX CONTACT FL COMSERVER UNI 232/422/485-T, update to version 1.99 or later.
For PHOENIX CONTACT FL COM SERVER RS232, update to version 2.20 or later.
For PHOENIX CONTACT FL COM SERVER RS485, update to version 2.20 or later.
For PHOENIX CONTACT PSI-MODEM/ETH, update to version 2.40 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Fl Com Server Rs232
Fl Com Server Rs485
Fl Comserver Bas 232/422/485-T
Fl Comserver Uni 232/422/485
Psi-Modem/Eth