CVE-2019-16674

Name of the Vulnerable Software and Affected Versions Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415 Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415 Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416

Description An issue allows authentication information used in a cookie to be predictable, potentially leading to admin password compromise if captured on the network.

Recommendations For Weidmueller IE-SW-VL05M version 3.6.6 Build 16102415, consider restricting network access to prevent cookie capture until a fix is available. For Weidmueller IE-SW-VL08MT version 3.5.2 Build 16102415, avoid using the affected devices on unsecured networks to minimize the risk of exploitation. For Weidmueller IE-SW-PL10M version 3.3.16 Build 16102416, as a temporary workaround, consider implementing additional authentication measures to mitigate the risk of admin password compromise. At the moment, there is no information about a newer version that contains a fix for this vulnerability.