PT-2020-11067 · Wago · Wago E!Cockpit

Published

2020-03-10

Updated

2020-03-13

CVE-2019-5107

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions WAGO e!Cockpit version 1.5.1.1

Description A cleartext transmission issue exists in the network communication functionality. An attacker with access to network traffic can intercept, interpret, and manipulate data, including passwords, configurations, and binaries being transferred to endpoints.

Recommendations For WAGO e!Cockpit version 1.5.1.1, consider implementing encryption for network communications to prevent data interception and manipulation. As a temporary workaround, restrict access to the network to minimize the risk of exploitation.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2019-5107

Affected Products

Wago E!Cockpit

PT-2020-11067 · Wago · Wago E!Cockpit

CVE-2019-5107

Weakness Enumeration

Related Identifiers

Affected Products

References · 4