4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.2%
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
CPE | Name | Operator | Version |
---|---|---|---|
phoenixcontact:wp_6070-wvps_firmware | phoenixcontact wp 6070-wvps firmware | lt | 4.0.10 |
[
{
"defaultStatus": "unaffected",
"product": "WP 6070-WVPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6101-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6121-WXPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6156-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6185-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP 6215-WHPS",
"vendor": "PHOENIX CONTACT",
"versions": [
{
"lessThan": "4.0.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.2%