Versio.io

CVE-2019-6851

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 29-10-2019 08:15
Last modified: - 03-02-2022 05:10
Total changes: - 3

Description

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Low
Attack complexity
Network
Attack vector
None
Availability
High
Confidentiality
None
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
7.5
Base score
3.9
3.6
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=schneider-electric AND product=modicon_m580_firmware
OR
vendor=schneider-electric AND product=modicon_m580 AND version=-
AND
OR
vendor=schneider-electric AND product=modicon_m340_firmware
OR
vendor=schneider-electric AND product=modicon_m340 AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmcpc002m_firmware
OR
vendor=schneider-electric AND product=tsxmcpc002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmcpc512k_firmware
OR
vendor=schneider-electric AND product=tsxmcpc512k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp001m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp001m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp002m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp004m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp004m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp512k_firmware
OR
vendor=schneider-electric AND product=tsxmfpp512k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc001m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc001m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc002m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc003m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc003m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc007m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc007m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc01m7_firmware
OR
vendor=schneider-electric AND product=tsxmrpc01m7 AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc768k_firmware
OR
vendor=schneider-electric AND product=tsxmrpc768k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpf004m_firmware
OR
vendor=schneider-electric AND product=tsxmrpf004m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpf008m_firmware
OR
vendor=schneider-electric AND product=tsxmrpf008m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmcpc002m_firmware
OR
vendor=schneider-electric AND product=tsxmcpc002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmcpc512k_firmware
OR
vendor=schneider-electric AND product=tsxmcpc512k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfp0128p2_firmware
OR
vendor=schneider-electric AND product=tsxmfp0128p2 AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfp064p2_firmware
OR
vendor=schneider-electric AND product=tsxmfp064p2 AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp001m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp001m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp002m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp004m_firmware
OR
vendor=schneider-electric AND product=tsxmfpp004m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp224k_firmware
OR
vendor=schneider-electric AND product=tsxmfpp224k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp384k_firmware
OR
vendor=schneider-electric AND product=tsxmfpp384k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmfpp512k_firmware
OR
vendor=schneider-electric AND product=tsxmfpp512k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc001m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc001m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc002m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc002m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc003m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc003m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc007m_firmware
OR
vendor=schneider-electric AND product=tsxmrpc007m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc01m7_firmware
OR
vendor=schneider-electric AND product=tsxmrpc01m7 AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc448k_firmware
OR
vendor=schneider-electric AND product=tsxmrpc448k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpc768k_firmware
OR
vendor=schneider-electric AND product=tsxmrpc768k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpf004m_firmware
OR
vendor=schneider-electric AND product=tsxmrpf004m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpf008m_firmware
OR
vendor=schneider-electric AND product=tsxmrpf008m AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpp224k_firmware
OR
vendor=schneider-electric AND product=tsxmrpp224k AND version=-
AND
OR
vendor=schneider-electric AND product=tsxmrpp384k_firmware
OR
vendor=schneider-electric AND product=tsxmrpp384k AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2019-6851

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.