CVE-2019-19104

Name of the Vulnerable Software and Affected Versions ABB Telephone Gateway TG/S version 3.2 Busch-Jaeger 6186/11 Telefon-Gateway (affected versions not specified)

Description The issue concerns unauthorized access to certain application endpoints without proper authentication by accessing a specific URL, which violates access-control rules. This allows for the potential obtaining of sensitive information, which could aid in further attacks and privilege escalation.

Recommendations For ABB Telephone Gateway TG/S version 3.2, update the access-control rules to enforce proper authentication for all endpoints. For Busch-Jaeger 6186/11 Telefon-Gateway, at the moment, there is no information about a newer version that contains a fix for this vulnerability.