CVE-2019-6851

High

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum…

schneider·CWE-538·Published 2019-10-29

CVSS

7.5

EPSS

0.30

KEV

Exploits

cve.orgen

255 chars

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.

NVDen

255 chars

NVDes

286 chars

CWE-538: Hay una vulnerabilidad de Exposición de Información de Archivos y Directorios en Modicon M580, Modicon M340, Modicon Premium, Modicon Quantum (todas las versiones de firmware), lo que podría causar una divulgación de información del controlador cuando se usa el protocolo TFTP.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N