Lucene search

[email protected]NVD:CVE-2019-6819

HistoryMay 22, 2019 - 8:29 p.m.

CVE-2019-6819

2019-05-2220:29:02

CWE-754

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.6%

JSON

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.

Affected configurations

NVD

Node

schneider-electricmodicon_m340_firmwareRange<3.01

AND

schneider-electricmodicon_m340_bmxp341000Match-

schneider-electricmodicon_m340_bmxp341000hMatch-

schneider-electricmodicon_m340_bmxp342000Match-

schneider-electricmodicon_m340_bmxp3420102Match-

schneider-electricmodicon_m340_bmxp3420102clMatch-

schneider-electricmodicon_m340_bmxp342020Match-

schneider-electricmodicon_m340_bmxp342020hMatch-

schneider-electricmodicon_m340_bmxp3420302Match-

schneider-electricmodicon_m340_bmxp3420302clMatch-

schneider-electricmodicon_m340_bmxp3420302hMatch-

Node

schneider-electricmodicon_m580_firmwareRange<2.80

AND

schneider-electricbmeh582040Match-

schneider-electricbmeh582040cMatch-

schneider-electricbmeh584040Match-

schneider-electricbmeh584040cMatch-

schneider-electricbmeh586040Match-

schneider-electricbmeh586040cMatch-

schneider-electricmodicon_m580_bmep581020Match-

schneider-electricmodicon_m580_bmep581020hMatch-

schneider-electricmodicon_m580_bmep582020Match-

schneider-electricmodicon_m580_bmep582020hMatch-

schneider-electricmodicon_m580_bmep582040Match-

schneider-electricmodicon_m580_bmep582040hMatch-

schneider-electricmodicon_m580_bmep582040sMatch-

schneider-electricmodicon_m580_bmep583020Match-

schneider-electricmodicon_m580_bmep583040Match-

schneider-electricmodicon_m580_bmep584020Match-

schneider-electricmodicon_m580_bmep584040Match-

schneider-electricmodicon_m580_bmep584040sMatch-

schneider-electricmodicon_m580_bmep585040Match-

schneider-electricmodicon_m580_bmep585040cMatch-

schneider-electricmodicon_m580_bmep586040Match-

schneider-electricmodicon_m580_bmep586040cMatch-

Node

schneider-electricmodicon_quantum_firmware

AND

schneider-electricmodicon_quantumMatch-

Node

schneider-electricmodicon_premium_firmware

AND

schneider-electricmodicon_premiumMatch-

References

www.securityfocus.com/bid/109004

www.schneider-electric.com/en/download/document/SEVD-2019-134-05/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for NVD:CVE-2019-6819

cvelist1 nessus2 cve1 ics1 prion1