PT-2019-14755 · Weidmueller · Weidmueller Ie-Sw-Vl05M+2
Published
2019-12-06
·
Updated
2019-12-12
·
CVE-2019-16670
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415
Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415
Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416
Description
The issue concerns the authentication mechanism, which lacks brute-force prevention.
Recommendations
For Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415, consider implementing additional security measures to prevent brute-force attacks until a patch is available.
For Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415, consider implementing additional security measures to prevent brute-force attacks until a patch is available.
For Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416, consider implementing additional security measures to prevent brute-force attacks until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Weidmueller Ie-Sw-Pl10M
Weidmueller Ie-Sw-Vl05M
Weidmueller Ie-Sw-Vl08Mt