PT-2020-10048 · Busch Jaeger+1 · Busch-Jaeger 6186/11 Telefon-Gateway+1

Published

2020-04-22

Updated

2021-09-14

CVE-2019-19106

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions ABB Telephone Gateway TG/S version 3.2 Busch-Jaeger 6186/11 Telefon-Gateway (affected versions not specified)

Description The issue is related to the improper implementation of Access Control, allowing unauthorized users to access restricted data. This includes viewing or editing user profiles and application settings.

Recommendations For ABB Telephone Gateway TG/S version 3.2, consider restricting access to user profiles and application settings until a proper fix is applied. For Busch-Jaeger 6186/11 Telefon-Gateway, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2019-19106

Affected Products

Abb Telephone Gateway Tg/S

Busch-Jaeger 6186/11 Telefon-Gateway

PT-2020-10048 · Busch Jaeger+1 · Busch-Jaeger 6186/11 Telefon-Gateway+1

CVE-2019-19106

Weakness Enumeration

Related Identifiers

Affected Products

References · 2