CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
39.4%
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
Vendor | Product | Version | CPE |
---|---|---|---|
phoenixcontact | axl_f_bk_pn_tps_xc_firmware | * | cpe:2.3:o:phoenixcontact:axl_f_bk_pn_tps_xc_firmware:*:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_pn_tps_xc | - | cpe:2.3:h:phoenixcontact:axl_f_bk_pn_tps_xc:-:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_pn_tps_firmware | * | cpe:2.3:o:phoenixcontact:axl_f_bk_pn_tps_firmware:*:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_pn_tps | - | cpe:2.3:h:phoenixcontact:axl_f_bk_pn_tps:-:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eip_firmware | * | cpe:2.3:o:phoenixcontact:axl_f_bk_eip_firmware:*:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eip | - | cpe:2.3:h:phoenixcontact:axl_f_bk_eip:-:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eip_ef_firmware | * | cpe:2.3:o:phoenixcontact:axl_f_bk_eip_ef_firmware:*:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eip_ef | - | cpe:2.3:h:phoenixcontact:axl_f_bk_eip_ef:-:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eth_firmware | * | cpe:2.3:o:phoenixcontact:axl_f_bk_eth_firmware:*:*:*:*:*:*:*:* |
phoenixcontact | axl_f_bk_eth | - | cpe:2.3:h:phoenixcontact:axl_f_bk_eth:-:*:*:*:*:*:*:* |
[
{
"platforms": [
"HW < 01"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F PN TPS XC (1068857)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F EIP EF (2702782)",
"versionType": "custom"
}
]
},
{
"platforms": [
"HW < 02"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F PN TPS (2403869)",
"versionType": "custom"
}
]
},
{
"platforms": [
"HW < 05"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F EIP (2688394)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F ETH (2688459)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F ETH XC (2701949)",
"versionType": "custom"
},
{
"lessThan": "1.40",
"status": "affected",
"version": "AXL F S3 (2701686)",
"versionType": "custom"
}
]
},
{
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"status": "affected",
"version": "AXL F PN (2701815) all revisions"
},
{
"status": "affected",
"version": "AXL F PN XC (2701222) all revisions"
},
{
"status": "affected",
"version": "AXL F ETH NET2 (2702177) all revisions"
},
{
"status": "affected",
"version": "AXL F SAS (2701457) all revisions"
}
]
},
{
"product": "IL",
"vendor": "Phoenix Contact",
"versions": [
{
"status": "affected",
"version": "IL PN BK-PAC (2403696) all revisions"
},
{
"status": "affected",
"version": "IL PN BK DI8 DO4 2TX-PAC (2703994) all revisions"
},
{
"status": "affected",
"version": "IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisions"
},
{
"status": "affected",
"version": "IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisions"
},
{
"status": "affected",
"version": "IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions"
},
{
"status": "affected",
"version": "IL EIP BK DI8 DO4 2TX-PAC (2897758) all revisions"
},
{
"status": "affected",
"version": "IL S3 BK DI8 DO4 2TX-PAC (2692380) all revisions"
}
]
}
]
More
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
39.4%