PT-2019-18376 · Schneider Electric · Modicon Premium+3
Publicado
2019-10-29
·
Atualizado
2022-02-03
·
CVE-2019-6851
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Modicon M580 (all firmware versions)
Modicon M340 (all firmware versions)
Modicon Premium (all firmware versions)
Modicon Quantum (all firmware versions)
Description
A File and Directory Information Exposure issue exists, which could cause the disclosure of information from the controller when using the TFTP protocol.
Recommendations
For Modicon M580, consider disabling the use of the TFTP protocol until a fix is available.
For Modicon M340, consider disabling the use of the TFTP protocol until a fix is available.
For Modicon Premium, consider disabling the use of the TFTP protocol until a fix is available.
For Modicon Quantum, consider disabling the use of the TFTP protocol until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Modicon M340
Modicon M580
Modicon Premium
Modicon Quantum