CVE-2019-6845

High

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon…

schneider·CWE-319·Published 2019-10-29

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

293 chars

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol.

NVDen

293 chars

NVDes

334 chars

Una CWE-319: existe una vulnerabilidad de Transmisión de Texto Sin Cifrar de Información Confidencial en Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (todas las versiones de firmware), lo que podría causar una divulgación de información cuando se transfieren aplicaciones al controlador usando el protocolo Modbus TCP.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N