fkie_cve-2019-6855
Vulnerability from fkie_nvd
Published
2020-01-06 23:15
Modified
2024-11-21 04:47
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2019-344-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2019-344-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_control_expert 14.1
schneider-electric unity_pro *
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10BD615A-F82C-4CCA-BB41-89F6EF5467F1",
              "versionEndExcluding": "14.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D34F92F7-2058-43F0-BCF1-2925E12D29E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:unity_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51476F6C-7515-4DD4-8D3D-5E86C1EEFC06",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5449E755-4992-4000-BD4D-B4B8E2E3DD3F",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA81375-45BC-4363-A983-927CF387A4A0",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37811A48-CDDE-4C7E-B255-596D51932BE8",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA066DD-C0D5-413E-B858-DEA3B2E3B3B5",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB88DA1F-6526-4EEA-AFDE-F09B33903F48",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8769D3F1-4E16-40EC-A0D6-EFC5C7C6A483",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F42514A-3D4B-4E01-8A74-9CD2FD516002",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3B6735-D709-43FD-8EA3-A09522584C10",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA007461-EE11-41F0-90C4-8A23E8FFED62",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D87361A5-1E59-48C1-8097-6B3D3538F4F2",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C4644B-E7D7-49D9-867D-35E58D13B4C7",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0C67FC1-8EA6-447C-9891-B5242783C614",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB4D826-414C-4E89-BC13-33FA6FE1BE5A",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2B68D4E-EBE5-4E44-AA7E-F8D53F32D3C5",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7A39833-AA85-4003-99F9-9FC4DA98895E",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39597434-BDCF-4515-8EAE-7A392CAD3E13",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86401BD9-9D3F-4626-A299-6AFD5A7C6A95",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16101586-1908-497E-84A2-BD204693317C",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC91F3A5-7032-45DD-8897-0A63FDD25550",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9F5C74-1CF8-47E8-B3AB-2F87FCD25D28",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "486E0121-1C3B-4EDC-9D76-292648A96764",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86401BD9-9D3F-4626-A299-6AFD5A7C6A95",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Autorizaci\u00f3n Incorrecta en EcoStruxure Control Expert (todas las versiones anteriores a la 14.1 Hot Fix), Unity Pro (todas las versiones), Modicon M340 (todas las versiones anteriores a la V3.20) , y Modicon M580 (todas las versiones anteriores a la V3.10), que podr\u00eda causar un bypass del proceso de autenticaci\u00f3n entre EcoStruxure Control Expert y los controladores M340 y M580"
    }
  ],
  "id": "CVE-2019-6855",
  "lastModified": "2024-11-21T04:47:17.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-06T23:15:11.237",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.