Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-4859
HistoryDec 17, 2011 - 11:55 a.m.

CVE-2011-4859

2011-12-1711:55:11
[email protected]
web.nvd.nist.gov
51
cve-2011-4859
schneider electric
quantum 140noe771
140cpu65
premium tsxety
tsxp57
m340 bmxnoe01
bmxp3420
stb dio stbnic2212
stbnip2
hardcoded passwords
remote access
vulnerability
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.056 Low

EPSS

Percentile

93.3%

JSON

The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or Β© FTP port.

Affected configurations

NVD
Node
schneider-electricquantum_ethernet_module_140cpu65150Range≀3.5
OR
schneider-electricquantum_ethernet_module_140cpu65160Range≀3.5
OR
schneider-electricquantum_ethernet_module_140cpu65260Range≀3.5
OR
schneider-electricquantum_ethernet_module_140noe77100Range≀3.3
OR
schneider-electricquantum_ethernet_module_140noe77100Range≀3.4
OR
schneider-electricquantum_ethernet_module_140noe77101Range≀4.9
OR
schneider-electricquantum_ethernet_module_140noe77111Range≀5.0
Node
schneider-electricpremium_ethernet_module_tsxety4103Range≀5.0
OR
schneider-electricpremium_ethernet_module_tsxety5103Range≀5.0
OR
schneider-electricpremium_ethernet_module_tsxp57163mRange≀4.9
OR
schneider-electricpremium_ethernet_module_tsxp572634mRange≀4.9
OR
schneider-electricpremium_ethernet_module_tsxp573634mRange≀4.9
OR
schneider-electricpremium_ethernet_module_tsxp574634mRange≀3.5
OR
schneider-electricpremium_ethernet_module_tsxp575634mRange≀3.5
OR
schneider-electricpremium_ethernet_module_tsxp576634mRange≀3.5
Node
schneider-electricm340_ethernet_module_bmxnoe0100Range≀2.3
OR
schneider-electricm340_ethernet_module_bmxnoe0110Range≀4.65
OR
schneider-electricm340_ethernet_module_bmxp342020Range≀2.2
OR
schneider-electricm340_ethernet_module_bmxp342030Range≀2.2
Node
schneider-electricstb_dio_ethernet_module_stbnic2212Range≀2.10
OR
schneider-electricstb_dio_ethernet_module_stbnip2212Range≀2.73
OR
schneider-electricstb_dio_ethernet_module_stbnip2311Range≀3.01
CPENameOperatorVersion
schneider-electric:quantum_ethernet_module_140cpu65150schneider-electric quantum ethernet module 140cpu65150le3.5
schneider-electric:quantum_ethernet_module_140cpu65160schneider-electric quantum ethernet module 140cpu65160le3.5
schneider-electric:quantum_ethernet_module_140cpu65260schneider-electric quantum ethernet module 140cpu65260le3.5
schneider-electric:quantum_ethernet_module_140noe77100schneider-electric quantum ethernet module 140noe77100le3.3
schneider-electric:quantum_ethernet_module_140noe77100schneider-electric quantum ethernet module 140noe77100le3.4
schneider-electric:quantum_ethernet_module_140noe77101schneider-electric quantum ethernet module 140noe77101le4.9
schneider-electric:quantum_ethernet_module_140noe77111schneider-electric quantum ethernet module 140noe77111le5.0

Related

nessus 2
cvelist 1
nvd 1
prion 1
seebug 1
ics 1
openvas 2
nessus
nessus
Schneider-electric Quantum Unspecified Vulnerability
2019-11-08 00:00:00
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (CVE-2011-4859)
2022-02-07 00:00:00
cvelist
cvelist
CVE-2011-4859
2011-12-17 11:00:00
nvd
nvd
CVE-2011-4859
2011-12-17 11:55:11
prion
prion
Hardcoded credentials
2011-12-17 11:55:00
seebug
seebug
施耐德(Schneider) PLC δ»₯ε€ͺη½‘ζ¨‘ε—ε›Ίδ»ΆεŽι—¨
2015-09-09 00:00:00
ics
ics
Schneider Electric Quantum Ethernet Module Hard-Coded Credentials (Update B)
2018-09-06 12:00:00
openvas
openvas
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (Telnet)
2011-12-14 00:00:00
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (FTP)
2011-12-14 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.056 Low

EPSS

Percentile

93.3%

JSON
Related for CVE-2011-4859
nessus2cvelist1nvd1prion1seebug1ics1openvas2