PT-2019-9016 · Phoenix Contact · Fl Switch 3Xxx+2
Publicado
2019-05-07
·
Atualizado
2019-10-09
·
CVE-2018-13993
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34
Description
The WebUI of the affected devices is prone to CSRF, which could potentially allow unauthorized actions to be performed.
Recommendations
For versions 1.0 through 1.34, consider implementing CSRF protection mechanisms, such as token-based validation, to prevent unauthorized requests.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Fl Switch 3Xxx
Fl Switch 48Xx
Fl Switch 4Xxx