CVE-2019-6859
Summary
| CVE | CVE-2019-6859 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-04-22 19:15:00 UTC |
| Updated | 2022-02-03 15:20:00 UTC |
| Description | A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the controller on an unsecure network. |
Risk And Classification
Problem Types: CWE-798
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Schneider-electric | 140 Cpu6x | - | All | All | All |
| Operating System | Schneider-electric | 140 Cpu6x Firmware | All | All | All | All |
| Hardware | Schneider-electric | 140 Noc 77101 | - | All | All | All |
| Operating System | Schneider-electric | 140 Noc 77101 Firmware | All | All | All | All |
| Hardware | Schneider-electric | 140 Noc 78x00 | - | All | All | All |
| Operating System | Schneider-electric | 140 Noc 78x00 Firmware | All | All | All | All |
| Hardware | Schneider-electric | 140 Noe 771x1 | - | All | All | All |
| Operating System | Schneider-electric | 140 Noe 771x1 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Bmx Noc 0401 | - | All | All | All |
| Operating System | Schneider-electric | Bmx Noc 0401 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Bmx Noe 0100 | - | All | All | All |
| Operating System | Schneider-electric | Bmx Noe 0100 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Bmx Noe 0110 | - | All | All | All |
| Operating System | Schneider-electric | Bmx Noe 0110 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Bmx P34x | - | All | All | All |
| Operating System | Schneider-electric | Bmx P34x Firmware | All | All | All | All |
| Hardware | Schneider-electric | Tsx Ety X103 | - | All | All | All |
| Operating System | Schneider-electric | Tsx Ety X103 Firmware | All | All | All | All |
| Hardware | Schneider-electric | Tsx P57x | - | All | All | All |
| Operating System | Schneider-electric | Tsx P57x Firmware | All | All | All | All |
| Hardware | Se | 140 Cpu6x | - | All | All | All |
| Hardware | Se | 140 Cpu6x | - | All | All | All |
| Operating System | Se | 140 Cpu6x Firmware | All | All | All | All |
| Operating System | Se | 140 Cpu6x Firmware | All | All | All | All |
| Hardware | Se | 140 Noc 77101 | - | All | All | All |
| Hardware | Se | 140 Noc 77101 | - | All | All | All |
| Operating System | Se | 140 Noc 77101 Firmware | All | All | All | All |
| Operating System | Se | 140 Noc 77101 Firmware | All | All | All | All |
| Hardware | Se | 140 Noc 78x00 | - | All | All | All |
| Hardware | Se | 140 Noc 78x00 | - | All | All | All |
| Operating System | Se | 140 Noc 78x00 Firmware | All | All | All | All |
| Operating System | Se | 140 Noc 78x00 Firmware | All | All | All | All |
| Hardware | Se | 140 Noe 771x1 | - | All | All | All |
| Hardware | Se | 140 Noe 771x1 | - | All | All | All |
| Operating System | Se | 140 Noe 771x1 Firmware | All | All | All | All |
| Operating System | Se | 140 Noe 771x1 Firmware | All | All | All | All |
| Hardware | Se | Bmx Noc 0401 | - | All | All | All |
| Hardware | Se | Bmx Noc 0401 | - | All | All | All |
| Operating System | Se | Bmx Noc 0401 Firmware | All | All | All | All |
| Operating System | Se | Bmx Noc 0401 Firmware | All | All | All | All |
| Hardware | Se | Bmx Noe 0100 | - | All | All | All |
| Hardware | Se | Bmx Noe 0100 | - | All | All | All |
| Operating System | Se | Bmx Noe 0100 Firmware | All | All | All | All |
| Operating System | Se | Bmx Noe 0100 Firmware | All | All | All | All |
| Hardware | Se | Bmx Noe 0110 | - | All | All | All |
| Hardware | Se | Bmx Noe 0110 | - | All | All | All |
| Operating System | Se | Bmx Noe 0110 Firmware | All | All | All | All |
| Operating System | Se | Bmx Noe 0110 Firmware | All | All | All | All |
| Hardware | Se | Bmx P34x | - | All | All | All |
| Hardware | Se | Bmx P34x | - | All | All | All |
| Operating System | Se | Bmx P34x Firmware | All | All | All | All |
| Operating System | Se | Bmx P34x Firmware | All | All | All | All |
| Hardware | Se | Tsx Ety X103 | - | All | All | All |
| Hardware | Se | Tsx Ety X103 | - | All | All | All |
| Operating System | Se | Tsx Ety X103 Firmware | All | All | All | All |
| Operating System | Se | Tsx Ety X103 Firmware | All | All | All | All |
| Hardware | Se | Tsx P57x | - | All | All | All |
| Hardware | Se | Tsx P57x | - | All | All | All |
| Operating System | Se | Tsx P57x Firmware | All | All | All | All |
| Operating System | Se | Tsx P57x Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Notification - Modicon Controllers (V2.0) | Schneider Electric | MISC | www.se.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590847 Schneider Electric Modicon Controllers Multiple Vulnerabilities (SEVD-2019-316-02)