Lucene search

[email protected]CVE-2019-10712

HistoryMay 07, 2019 - 10:29 p.m.

CVE-2019-10712

2019-05-0722:29:00

CWE-798

[email protected]

web.nvd.nist.gov

cve-2019-10712

web-gui

wago series 750-88x

wago series 750-87x

undocumented service access

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.054 Low

EPSS

Percentile

93.2%

JSON

The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.

Affected configurations

NVD

Node

wago750-830_firmwareRange<06

AND

wago750-830Match-

Node

wago750-849_firmwareRange<08

AND

wago750-849Match-

Node

wago750-871_firmwareRange<11

AND

wago750-871Match-

Node

wago750-872_firmwareRange<07

AND

wago750-872Match-

Node

wago750-873_firmwareRange<07

AND

wago750-873Match-

Node

wago750-330_firmwareRange<14

AND

wago750-330Match-

Node

wago750-352_firmwareRange<14

AND

wago750-352Match-

Node

wago750-829_firmwareRange<14

AND

wago750-829Match-

Node

wago750-831_firmwareRange<14

AND

wago750-831Match-

Node

wago750-852_firmwareRange<14

AND

wago750-852Match-

Node

wago750-880_firmwareRange<14

AND

wago750-880Match-

Node

wago750-881_firmwareRange<14

AND

wago750-881Match-

Node

wago750-882_firmwareRange<14

AND

wago750-882Match-

Node

wago750-884_firmwareRange<14

AND

wago750-884Match-

Node

wago750-885_firmwareRange<14

AND

wago750-885Match-

Node

wago750-889_firmwareRange<14

AND

wago750-889Match-

CPENameOperatorVersion
wago:750-830_firmwarewago 750-830 firmwarelt06

CPE	Name	Operator	Version
wago:750-830_firmware	wago 750-830 firmware	lt	06

References

www.securityfocus.com/bid/108482

cert.vde.com/de-de/advisories/vde-2019-008

lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E

lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.054 Low

EPSS

Percentile

93.2%

JSON

Related for CVE-2019-10712

nvd1 nessus1 ics1 prion1 cvelist1