7.5
CVE-2019-6806
- EPSS 0.42%
- Published 22.05.2019 21:29:00
- Last modified 21.11.2024 04:47:11
- Source cybersecurity@se.com
- Teams watchlist Login
- Open Login
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading variables in the controller using Modbus.
Data is provided by the National Vulnerability Database (NVD)
Schneider-electric ≫ Modicon Premium Firmware Version-
Schneider-electric ≫ Modicon Quantum Firmware Version-
Schneider-electric ≫ Modicon M340 Firmware Version < 3.10
Schneider-electric ≫ Modicon M580 Firmware Version < 2.90
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.612 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|