PT-2019-14758 · Weidmueller · Weidmueller Ie-Sw-Vl05M+2

Publicado

2019-12-06

Atualizado

2019-12-10

CVE-2019-16673

CVSS v3.1

7.5

Alta

Vetor

AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415 Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415 Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416

Description The issue concerns the storage of passwords in cleartext, allowing anyone with access to the device to read them.

Recommendations For Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415, consider changing the password storage mechanism to a more secure method. For Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415, consider changing the password storage mechanism to a more secure method. For Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416, consider changing the password storage mechanism to a more secure method.

Correção

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2019-16673

Produtos afetados

Weidmueller Ie-Sw-Pl10M

Weidmueller Ie-Sw-Vl05M

Weidmueller Ie-Sw-Vl08Mt

PT-2019-14758 · Weidmueller · Weidmueller Ie-Sw-Vl05M+2

CVE-2019-16673

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6