CVE-2019-16673

EUVD-2019-7235
An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Passwords are stored in cleartext and can be read by anyone with access to the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
weidmuellerie-sw-pl09m-5gc-4gt_firmware
𝑥
≤ 3.3.4
weidmuellerie-sw-pl09mt-5gc-4gt_firmware
𝑥
≤ 3.3.4
weidmuellerie-sw-pl18m-2gc-16tx_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18mt-2gc-16tx_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18m-2gc14tx2sc_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18mt-2gc14tx2sc_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18m-2gc14tx2st_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18mt-2gc14tx2st_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18m-2gc14tx2scs_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl18mt-2gc14tx2scs_firmware
𝑥
≤ 3.4.4
weidmuellerie-sw-pl16m-16tx_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-pl16mt-16tx_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-pl16m-14tx-2sc_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-pl16mt-14tx-2sc_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-pl16m-14tx-2st_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-pl16mt-14tx-2st_firmware
𝑥
≤ 3.4.2
weidmuellerie-sw-vl05m-5tx_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl05mt-5tx_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl05m-3tx-2sc_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl05mt-3tx-2sc_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl05m-3tx-2st_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl05mt-3tx-2st_firmware
𝑥
≤ 3.6.6
weidmuellerie-sw-vl08mt-8tx_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-vl08mt-5tx-3sc_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-vl08mt-5tx-1sc-2scs_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-vl08mt-6tx-2st_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-vl08mt-6tx-2sc_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-vl08mt-6tx-2scs_firmware
𝑥
≤ 3.5.2
weidmuellerie-sw-pl08m-8tx_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08mt-8tx_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08m-6tx-2sc_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08mt-6tx-2sc_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08m-6tx-2st_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08mt-6tx-2st_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08m-6tx-2scs_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl08mt-6tx-2scs_firmware
𝑥
≤ 3.3.8
weidmuellerie-sw-pl10m-3gt-7tx_firmware
𝑥
≤ 3.3.16
weidmuellerie-sw-pl10mt-3gt-7tx_firmware
𝑥
≤ 3.3.16
weidmuellerie-sw-pl10m-1gt-2gs-7tx_firmware
𝑥
≤ 3.3.16
weidmuellerie-sw-pl10mt-1gt-2gs-7tx_firmware
𝑥
≤ 3.3.16
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en-us/advisories
https://cert.vde.com/en-us/advisories/vde-2019-018
https://mdcop.weidmueller.com/mediadelivery/asset/900_102694
https://www.us-cert.gov/ics/advisories/icsa-19-339-02
https://cert.vde.com/en-us/advisories
https://cert.vde.com/en-us/advisories/vde-2019-018
https://mdcop.weidmueller.com/mediadelivery/asset/900_102694
https://www.us-cert.gov/ics/advisories/icsa-19-339-02