var-201905-0037
Vulnerability from variot
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. plural Modicon The product contains a vulnerability related to the use of insufficient random values.Information may be obtained. Schneider Electric Modicon M580 and others are products of Schneider Electric, France. The Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon Premium is a large programmable logic controller (PLC) for discrete or process applications. Schneider Electric Modicon Quantum is a large programmable logic controller (PLC) for process applications, high availability and safety solutions. There are insufficient random value exploits in Modicon M580/M340/Premium/Quantum. An attacker could exploit this vulnerability to implement TCP connection hijacking when using Ethernet communications. An attacker can exploit this issue to bypass certain security restrictions, obtain sensitive information and perform unauthorized actions; this may aid in launching further attacks. The following Schneider Electric Modicon products are vulnerable: Modicon M580 versions prior to 2.30 Modicon M340 Modicon Premium Modicon Quantum. This vulnerability is due to the lack of security measures such as authentication, access control, and rights management in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0037",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modicon m580",
"scope": "lt",
"trust": 1.8,
"vendor": "schneider electric",
"version": "2.30"
},
{
"model": "modicon quantum",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "*"
},
{
"model": "modicon premium",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "*"
},
{
"model": "modicon m340",
"scope": "eq",
"trust": 1.0,
"vendor": "schneider electric",
"version": "*"
},
{
"model": "modicon m340",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon premium plc",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "modicon quantum plc",
"scope": null,
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"model": "electric modicon m340",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric modicon quantum",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric modicon premium",
"scope": null,
"trust": 0.6,
"vendor": "schneider",
"version": null
},
{
"model": "electric modicon m580",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "v2.30"
},
{
"model": "modicon quantum",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "modicon premium",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "modicon m580",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2.20"
},
{
"model": "modicon m340",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "modicon m580",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2.80"
},
{
"model": "modicon m580",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "2.30"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon m580",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon m340",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon quantum",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon premium",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "BID",
"id": "108366"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_m340_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_m580_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_premium_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_quantum_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Formby \u0026 Raheem Beyah of Fortiphyd Logic and Georgia Tech.",
"sources": [
{
"db": "BID",
"id": "108366"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
}
],
"trust": 0.9
},
"cve": "CVE-2019-6821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6821",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-6821",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-15888",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "264dd250-479d-4b77-9e34-bb3459e250d0",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-158256",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6821",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-6821",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6821",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-6821",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-15888",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-798",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-158256",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "VULHUB",
"id": "VHN-158256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum. plural Modicon The product contains a vulnerability related to the use of insufficient random values.Information may be obtained. Schneider Electric Modicon M580 and others are products of Schneider Electric, France. The Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon Premium is a large programmable logic controller (PLC) for discrete or process applications. Schneider Electric Modicon Quantum is a large programmable logic controller (PLC) for process applications, high availability and safety solutions. There are insufficient random value exploits in Modicon M580/M340/Premium/Quantum. An attacker could exploit this vulnerability to implement TCP connection hijacking when using Ethernet communications. \nAn attacker can exploit this issue to bypass certain security restrictions, obtain sensitive information and perform unauthorized actions; this may aid in launching further attacks. \nThe following Schneider Electric Modicon products are vulnerable:\nModicon M580 versions prior to 2.30\nModicon M340\nModicon Premium\nModicon Quantum. This vulnerability is due to the lack of security measures such as authentication, access control, and rights management in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6821"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "BID",
"id": "108366"
},
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "VULHUB",
"id": "VHN-158256"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6821",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-136-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2019-134-03",
"trust": 2.0
},
{
"db": "BID",
"id": "108366",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-15888",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760",
"trust": 0.8
},
{
"db": "IVD",
"id": "264DD250-479D-4B77-9E34-BB3459E250D0",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-158256",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "VULHUB",
"id": "VHN-158256"
},
{
"db": "BID",
"id": "108366"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"id": "VAR-201905-0037",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "VULHUB",
"id": "VHN-158256"
}
],
"trust": 1.8935065
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
}
]
},
"last_update_date": "2024-11-23T22:33:56.183000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2019-134-03",
"trust": 0.8,
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/"
},
{
"title": "Modicon M580/M340/Premium/Quantum patch with insufficient random value exploits",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/162385"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158256"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/108366"
},
{
"trust": 2.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-136-01"
},
{
"trust": 1.7,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2019-134-03/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6821"
},
{
"trust": 0.9,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
},
{
"trust": 0.9,
"url": "https://download.schneider-electric.com/files?p_endoctype=technical+leaflet\u0026p_file_name=sevd-2019-134-03+-+modicon+controller.pdf\u0026p_doc_ref=sevd-2019-134-03"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6821"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-136-01"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-6821"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "VULHUB",
"id": "VHN-158256"
},
{
"db": "BID",
"id": "108366"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"db": "VULHUB",
"id": "VHN-158256"
},
{
"db": "BID",
"id": "108366"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "IVD",
"id": "264dd250-479d-4b77-9e34-bb3459e250d0"
},
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"date": "2019-05-22T00:00:00",
"db": "VULHUB",
"id": "VHN-158256"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108366"
},
{
"date": "2019-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"date": "2019-05-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"date": "2019-05-22T20:29:02.183000",
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-15888"
},
{
"date": "2019-06-17T00:00:00",
"db": "VULHUB",
"id": "VHN-158256"
},
{
"date": "2019-05-14T00:00:00",
"db": "BID",
"id": "108366"
},
{
"date": "2019-07-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004760"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-798"
},
{
"date": "2024-11-21T04:47:13.233000",
"db": "NVD",
"id": "CVE-2019-6821"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Modicon Vulnerabilities related to insufficient random values in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004760"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-798"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…