9.8
CVE-2018-7242
- EPSS 0.26%
- Veröffentlicht 18.04.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:51
- Quelle cybersecurity@se.com
- Teams Watchlist Login
- Unerledigt Login
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Bmxnor0200 Firmware Version-
Schneider-electric ≫ Bmxnor0200h Firmware Version-
Schneider-electric ≫ 140cpu65150 Firmware Version-
Schneider-electric ≫ 140cpu31110 Firmware Version-
Schneider-electric ≫ 140cpu43412u Firmware Version-
Schneider-electric ≫ 140cpu65160 Firmware Version-
Schneider-electric ≫ 140cpu65260 Firmware Version-
Schneider-electric ≫ 140cpu65860 Firmware Version-
Schneider-electric ≫ 140cpu65160s Firmware Version-
Schneider-electric ≫ 140cpu65150c Firmware Version-
Schneider-electric ≫ 140cpu31110c Firmware Version-
Schneider-electric ≫ 140cpu43412uc Firmware Version-
Schneider-electric ≫ 140cpu65160c Firmware Version-
Schneider-electric ≫ 140cpu65160c Firmware Version-
Schneider-electric ≫ 140cpu65260c Firmware Version-
Schneider-electric ≫ 140cpu65860c Firmware Version-
Schneider-electric ≫ Tsxh5724m Firmware Version-
Schneider-electric ≫ Tsxh5744m Firmware Version-
Schneider-electric ≫ Tsxp57104m Firmware Version-
Schneider-electric ≫ Tsxp57154m Firmware Version-
Schneider-electric ≫ Tsxp571634m Firmware Version-
Schneider-electric ≫ Tsxp57204m Firmware Version-
Schneider-electric ≫ Tsxp57254m Firmware Version-
Schneider-electric ≫ Tsxp572634m Firmware Version-
Schneider-electric ≫ Tsxp57304m Firmware Version-
Schneider-electric ≫ Tsxp57354m Firmware Version-
Schneider-electric ≫ Tsxp573634m Firmware Version-
Schneider-electric ≫ Tsxp57454m Firmware Version-
Schneider-electric ≫ Tsxp574634m Firmware Version-
Schneider-electric ≫ Tsxp575634m Firmware Version-
Schneider-electric ≫ Tsxp576634m Firmware Version-
Schneider-electric ≫ Tsxh5724mc Firmware Version-
Schneider-electric ≫ Tsxh5744mc Firmware Version-
Schneider-electric ≫ Tsxp57104mc Firmware Version-
Schneider-electric ≫ Tsxp57154mc Firmware Version-
Schneider-electric ≫ Tsxp571634mc Firmware Version-
Schneider-electric ≫ Tsxp57204mc Firmware Version-
Schneider-electric ≫ Tsxp57254mc Firmware Version-
Schneider-electric ≫ Tsxp572634mc Firmware Version-
Schneider-electric ≫ Tsxp57304mc Firmware Version-
Schneider-electric ≫ Tsxp57354mc Firmware Version-
Schneider-electric ≫ Tsxp573634mc Firmware Version-
Schneider-electric ≫ Tsxp57454mc Firmware Version-
Schneider-electric ≫ Tsxp574634mc Firmware Version-
Schneider-electric ≫ Tsxp57554mc Firmware Version-
Schneider-electric ≫ Tsxp575634mc Firmware Version-
Schneider-electric ≫ Tsxp576634mc Firmware Version-
Schneider-electric ≫ Tsxh5724m Firmware Version-
Schneider-electric ≫ Tsxh5744mc Firmware Version-
Schneider-electric ≫ Tsxp57554m Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.465 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.