Vulnerabilites related to wago - 750-352_firmware
cve-2020-12516
Vulnerability from cvelistv5
Published
2020-12-10 03:04
Modified
2024-09-16 22:14
Severity ?
EPSS score ?
Summary
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01 | x_refsource_MISC | |
| https://cert.vde.com/en-us/advisories/vde-2020-042 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | WAGO | 750-331/xxx-xxx |
Version: FW1<=FW10 |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "750-331/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-352",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-829",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-831/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-852",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-880/xxx-xxx",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-881",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-882",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-885",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
},
{
"product": "750-889",
"vendor": "WAGO",
"versions": [
{
"status": "affected",
"version": "FW1\u003c=FW10"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"datePublic": "2020-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-22T21:14:49",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
],
"solutions": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"title": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack",
"workarounds": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-12-09T09:00:00.000Z",
"ID": "CVE-2020-12516",
"STATE": "PUBLIC",
"TITLE": "WAGO: PLC families 750-88x and 750-352 prone to DoS attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "750-331/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-352",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-829",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-831/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-852",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-880/xxx-xxx",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-881",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-882",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-885",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
},
{
"product_name": "750-889",
"version": {
"version_data": [
{
"version_value": "FW1\u003c=FW10"
}
]
}
}
]
},
"vendor_name": "WAGO"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "These vulnerabilities were reported to WAGO by: William Knowles, Applied Risk. Coordination done by CERT@VDE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400 Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-042",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update the device to the latest FW version."
}
],
"source": {
"advisory": "VDE-2020-042",
"defect": [
"VDE-2020-042"
],
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Restrict network access to the device.\nDo not directly connect the device to the internet\nDisable unused TCP/UDP-ports"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12516",
"datePublished": "2020-12-10T03:04:17.186342Z",
"dateReserved": "2020-04-30T00:00:00",
"dateUpdated": "2024-09-16T22:14:10.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10712
Vulnerability from cvelistv5
Published
2019-05-07 21:20
Modified
2024-08-04 22:32
Severity ?
EPSS score ?
Summary
The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:01.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"name": "108482",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108482"
},
{
"name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-01T10:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"name": "108482",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108482"
},
{
"name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2019-008",
"refsource": "MISC",
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"name": "108482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108482"
},
{
"name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E"
},
{
"name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10712",
"datePublished": "2019-05-07T21:20:03",
"dateReserved": "2019-04-02T00:00:00",
"dateUpdated": "2024-08-04T22:32:01.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-12-10 03:15
Modified
2024-11-21 04:59
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| info@cert.vde.com | https://cert.vde.com/en-us/advisories/vde-2020-042 | Patch, Third Party Advisory | |
| info@cert.vde.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01 | Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert.vde.com/en-us/advisories/vde-2020-042 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wago | 750-352_firmware | * | |
| wago | 750-352 | - | |
| wago | 750-831_firmware | * | |
| wago | 750-831 | - | |
| wago | 750-852_firmware | * | |
| wago | 750-852 | - | |
| wago | 750-880_firmware | * | |
| wago | 750-880 | - | |
| wago | 750-881_firmware | * | |
| wago | 750-881 | - | |
| wago | 750-889_firmware | * | |
| wago | 750-889 | - | |
| wago | 750-331_firmware | * | |
| wago | 750-331 | - | |
| wago | 750-829_firmware | * | |
| wago | 750-829 | - | |
| wago | 750-882_firmware | * | |
| wago | 750-882 | - | |
| wago | 750-885_firmware | * | |
| wago | 750-885 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78ECDEAE-9136-4E34-AC21-7990A3AC2F3E",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0865A4-6C89-4470-98E3-7E90BDF94D15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83695276-2C24-4A4F-8CA8-ACEC00A4E026",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0631884-FF6F-4AA9-9D76-CDECB5A738FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0AB25-8F08-4D39-925F-36A39AB5EA45",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6739E1-EF0B-48EE-90FC-5708756FC362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47C0719-1510-4D5B-93E3-755F063858B9",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEAC4D9-15CF-44B8-844D-C012AA4637A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB680C1-A42D-4332-844E-9F1AB9E42A19",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE51647-62C1-4D3C-91FA-13ACA6CD71D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B40CC58-169A-42C7-AE12-53BF4A3434E3",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57919AAB-2962-4543-810A-C143300351F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-331_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8523397F-F9DE-4525-BA22-EAEACF700E72",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-331:-:*:*:*:*:*:*:*",
"matchCriteriaId": "907712D2-72A3-46EB-9438-B35A2880E7BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6712FF6B-6117-4180-A0FA-8EE9276269C9",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88F6E08-2D1B-4B34-B8DB-40292C0BBEB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37F66F05-5B2A-49D2-B0D8-231E84B48A3A",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1379D65-F376-4618-B708-5E59D64C8033",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D07A46A0-27B3-45FA-BE7E-34495944E1AC",
"versionEndIncluding": "fw10",
"versionStartIncluding": "fw1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7712F56E-AEBA-4DE0-9172-26F3D29B369B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack."
},
{
"lang": "es",
"value": "Las versiones de firmware m\u00e1s antiguas (FW1 hasta FW10) de la familia de PLC WAGO 750-88x y 750-352, son vulnerables a un ataque de denegaci\u00f3n de servicio especial."
}
],
"id": "CVE-2020-12516",
"lastModified": "2024-11-21T04:59:50.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-10T03:15:11.593",
"references": [
{
"source": "info@cert.vde.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
},
{
"source": "info@cert.vde.com",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-308-01"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-05-07 22:29
Modified
2024-11-21 04:19
Severity ?
Summary
The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wago | 750-830_firmware | * | |
| wago | 750-830 | - | |
| wago | 750-849_firmware | * | |
| wago | 750-849 | - | |
| wago | 750-871_firmware | * | |
| wago | 750-871 | - | |
| wago | 750-872_firmware | * | |
| wago | 750-872 | - | |
| wago | 750-873_firmware | * | |
| wago | 750-873 | - | |
| wago | 750-330_firmware | * | |
| wago | 750-330 | - | |
| wago | 750-352_firmware | * | |
| wago | 750-352 | - | |
| wago | 750-829_firmware | * | |
| wago | 750-829 | - | |
| wago | 750-831_firmware | * | |
| wago | 750-831 | - | |
| wago | 750-852_firmware | * | |
| wago | 750-852 | - | |
| wago | 750-880_firmware | * | |
| wago | 750-880 | - | |
| wago | 750-881_firmware | * | |
| wago | 750-881 | - | |
| wago | 750-882_firmware | * | |
| wago | 750-882 | - | |
| wago | 750-884_firmware | * | |
| wago | 750-884 | - | |
| wago | 750-885_firmware | * | |
| wago | 750-885 | - | |
| wago | 750-889_firmware | * | |
| wago | 750-889 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBF6F1C-BE8B-446F-9F88-EE663E87A837",
"versionEndExcluding": "06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "535D9B38-A7F3-47A8-9107-30BCB67AA38A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D001AA5F-B765-4B96-8FD4-1C2FF596609D",
"versionEndExcluding": "08",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*",
"matchCriteriaId": "408CF00F-D4F8-493C-B3F8-889E63E8EE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "076BEC2A-AA3E-4916-A5E1-304EAC6802FC",
"versionEndExcluding": "11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF67808-FAD2-4504-91AB-3545AC650053",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34539AFB-A7AD-4684-9AEA-C9AC0CE3E06E",
"versionEndExcluding": "07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1071B49C-C632-4E24-84AD-D7921970369A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0284154D-CD73-42B2-9866-3145DBB5EDD9",
"versionEndExcluding": "07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B31C89-B021-4390-B50F-9D4DE9E80C71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A79C49B6-7004-44BB-A74E-9349A0CB692E",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E75CD3-9934-44E2-8B43-D7490741AA27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E001859-A338-43DA-877E-C43F57E7F9AD",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C0865A4-6C89-4470-98E3-7E90BDF94D15",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2A6682-1879-4BA1-A253-2E0B386EC962",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F88F6E08-2D1B-4B34-B8DB-40292C0BBEB2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3631065F-27D6-4217-84EA-A8B40CC1F38F",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0631884-FF6F-4AA9-9D76-CDECB5A738FC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E940C38-F03A-4D81-9AEA-C3CAC90916E8",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6739E1-EF0B-48EE-90FC-5708756FC362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5974664-66D9-45BC-8977-98E3CE1D282F",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFEAC4D9-15CF-44B8-844D-C012AA4637A2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72B66D0B-53CF-4018-831A-5A67CBA51B14",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE51647-62C1-4D3C-91FA-13ACA6CD71D2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BC71AA4-B3F4-40AE-8BEF-C45FECF79359",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1379D65-F376-4618-B708-5E59D64C8033",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B52C0C64-C91C-4B4C-80A7-CF19BC7CF15B",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1FF30-AA64-4EEB-8A7E-E6C118BB638E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C479541-01CF-4CA6-B35F-80D6DC756AFE",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7712F56E-AEBA-4DE0-9172-26F3D29B369B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF2B7B07-532C-4D7B-B168-A9C3700EE8DD",
"versionEndExcluding": "14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57919AAB-2962-4543-810A-C143300351F8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
},
{
"lang": "es",
"value": "Los dispositivos Web-GUI de las series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) y 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) de WAGO disponen de acceso a servicios no documentados."
}
],
"id": "CVE-2019-10712",
"lastModified": "2024-11-21T04:19:47.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-07T22:29:00.207",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/108482"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/108482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}