cvelistv5 - cve-2019-10712

CVE-2019-10712 (GCVE-0-2019-10712)

Vulnerability from cvelistv5 – Published: 2019-05-07 21:20 – Updated: 2024-08-04 22:32

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://cert.vde.com/de-de/advisories/vde-2019-008	x_refsource_MISC
	http://www.securityfocus.com/bid/108482	vdb-entryx_refsource_BID
	https://lists.apache.org/thread.html/r25e25973e95…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/ra37700b8427…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r0066c1e8626…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r37eb6579fa0…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/rb47911c179c…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r38696678003…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r80e8882c86c…	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:32:01.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
          },
          {
            "name": "108482",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108482"
          },
          {
            "name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-04-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-01T10:06:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
        },
        {
          "name": "108482",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108482"
        },
        {
          "name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
        },
        {
          "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-10712",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/de-de/advisories/vde-2019-008",
              "refsource": "MISC",
              "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
            },
            {
              "name": "108482",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108482"
            },
            {
              "name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-10712",
    "datePublished": "2019-05-07T21:20:03",
    "dateReserved": "2019-04-02T00:00:00",
    "dateUpdated": "2024-08-04T22:32:01.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"06\", \"matchCriteriaId\": \"0BBF6F1C-BE8B-446F-9F88-EE663E87A837\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"535D9B38-A7F3-47A8-9107-30BCB67AA38A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"08\", \"matchCriteriaId\": \"D001AA5F-B765-4B96-8FD4-1C2FF596609D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"408CF00F-D4F8-493C-B3F8-889E63E8EE9C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11\", \"matchCriteriaId\": \"076BEC2A-AA3E-4916-A5E1-304EAC6802FC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CF67808-FAD2-4504-91AB-3545AC650053\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"07\", \"matchCriteriaId\": \"34539AFB-A7AD-4684-9AEA-C9AC0CE3E06E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1071B49C-C632-4E24-84AD-D7921970369A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"07\", \"matchCriteriaId\": \"0284154D-CD73-42B2-9866-3145DBB5EDD9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5B31C89-B021-4390-B50F-9D4DE9E80C71\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"A79C49B6-7004-44BB-A74E-9349A0CB692E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1E75CD3-9934-44E2-8B43-D7490741AA27\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"8E001859-A338-43DA-877E-C43F57E7F9AD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C0865A4-6C89-4470-98E3-7E90BDF94D15\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"AB2A6682-1879-4BA1-A253-2E0B386EC962\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F88F6E08-2D1B-4B34-B8DB-40292C0BBEB2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"3631065F-27D6-4217-84EA-A8B40CC1F38F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0631884-FF6F-4AA9-9D76-CDECB5A738FC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"1E940C38-F03A-4D81-9AEA-C3CAC90916E8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D6739E1-EF0B-48EE-90FC-5708756FC362\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"A5974664-66D9-45BC-8977-98E3CE1D282F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFEAC4D9-15CF-44B8-844D-C012AA4637A2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"72B66D0B-53CF-4018-831A-5A67CBA51B14\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FE51647-62C1-4D3C-91FA-13ACA6CD71D2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"7BC71AA4-B3F4-40AE-8BEF-C45FECF79359\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1379D65-F376-4618-B708-5E59D64C8033\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"B52C0C64-C91C-4B4C-80A7-CF19BC7CF15B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13E1FF30-AA64-4EEB-8A7E-E6C118BB638E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"0C479541-01CF-4CA6-B35F-80D6DC756AFE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7712F56E-AEBA-4DE0-9172-26F3D29B369B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"14\", \"matchCriteriaId\": \"FF2B7B07-532C-4D7B-B168-A9C3700EE8DD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57919AAB-2962-4543-810A-C143300351F8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos Web-GUI de las series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) y 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) de WAGO disponen de acceso a servicios no documentados.\"}]",
      "id": "CVE-2019-10712",
      "lastModified": "2024-11-21T04:19:47.313",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-05-07T22:29:00.207",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/108482\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://cert.vde.com/de-de/advisories/vde-2019-008\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/108482\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cert.vde.com/de-de/advisories/vde-2019-008\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-10712\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-05-07T22:29:00.207\",\"lastModified\":\"2024-11-21T04:19:47.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos Web-GUI de las series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) y 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) de WAGO disponen de acceso a servicios no documentados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"06\",\"matchCriteriaId\":\"0BBF6F1C-BE8B-446F-9F88-EE663E87A837\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"535D9B38-A7F3-47A8-9107-30BCB67AA38A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"08\",\"matchCriteriaId\":\"D001AA5F-B765-4B96-8FD4-1C2FF596609D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"408CF00F-D4F8-493C-B3F8-889E63E8EE9C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11\",\"matchCriteriaId\":\"076BEC2A-AA3E-4916-A5E1-304EAC6802FC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF67808-FAD2-4504-91AB-3545AC650053\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"07\",\"matchCriteriaId\":\"34539AFB-A7AD-4684-9AEA-C9AC0CE3E06E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1071B49C-C632-4E24-84AD-D7921970369A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"07\",\"matchCriteriaId\":\"0284154D-CD73-42B2-9866-3145DBB5EDD9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B31C89-B021-4390-B50F-9D4DE9E80C71\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"A79C49B6-7004-44BB-A74E-9349A0CB692E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E75CD3-9934-44E2-8B43-D7490741AA27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"8E001859-A338-43DA-877E-C43F57E7F9AD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C0865A4-6C89-4470-98E3-7E90BDF94D15\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"AB2A6682-1879-4BA1-A253-2E0B386EC962\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F88F6E08-2D1B-4B34-B8DB-40292C0BBEB2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"3631065F-27D6-4217-84EA-A8B40CC1F38F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0631884-FF6F-4AA9-9D76-CDECB5A738FC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"1E940C38-F03A-4D81-9AEA-C3CAC90916E8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D6739E1-EF0B-48EE-90FC-5708756FC362\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"A5974664-66D9-45BC-8977-98E3CE1D282F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFEAC4D9-15CF-44B8-844D-C012AA4637A2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"72B66D0B-53CF-4018-831A-5A67CBA51B14\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FE51647-62C1-4D3C-91FA-13ACA6CD71D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"7BC71AA4-B3F4-40AE-8BEF-C45FECF79359\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1379D65-F376-4618-B708-5E59D64C8033\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"B52C0C64-C91C-4B4C-80A7-CF19BC7CF15B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13E1FF30-AA64-4EEB-8A7E-E6C118BB638E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"0C479541-01CF-4CA6-B35F-80D6DC756AFE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7712F56E-AEBA-4DE0-9172-26F3D29B369B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14\",\"matchCriteriaId\":\"FF2B7B07-532C-4D7B-B168-A9C3700EE8DD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57919AAB-2962-4543-810A-C143300351F8\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/108482\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://cert.vde.com/de-de/advisories/vde-2019-008\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/108482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/de-de/advisories/vde-2019-008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ICSA-19-106-02

Vulnerability from csaf_cisa - Published: 2019-04-16 00:00 - Updated: 2019-04-16 00:00

Summary

WAGO Series 750-88x and 750-87x

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

This vulnerability allows a remote attacker to change the settings or alter the programming of the device.

Critical infrastructure sectors

Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems

Countries/areas deployed

Worldwide

Company headquarters location

United States, Germany, Switzerland, Poland, China, India

Recommended Practices

NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "J\u00f6rn Schneeweisz"
        ],
        "organization": "Recurity Labs",
        "summary": "reporting to CERT-Bund"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "This vulnerability allows a remote attacker to change the settings or alter the programming of the device.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States, Germany, Switzerland, Poland, China, India",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-106-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-106-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-106-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-106-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "WAGO Series 750-88x and 750-87x",
    "tracking": {
      "current_release_date": "2019-04-16T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-106-02",
      "initial_release_date": "2019-04-16T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-04-16T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-106-02 WAGO Series 750-88x and 750-87x"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-880: firmware versions prior to FW14",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "750-880"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW11",
                "product": {
                  "name": "750-871: firmware versions prior to FW11",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "750-871"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW07",
                "product": {
                  "name": "750-872: firmware versions prior to FW07",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "750-872"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-884: firmware versions prior to FW14",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "750-884"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-882: firmware versions prior to FW14",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "750-882"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-829: firmware versions prior to FW14",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "750-829"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-881: firmware versions prior to FW14",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "750-881"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW06",
                "product": {
                  "name": "750-830: firmware versions prior to FW06",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "750-830"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW08",
                "product": {
                  "name": "750-849: firmware versions prior to FW08",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "750-849"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-852: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00010"
                }
              }
            ],
            "category": "product_name",
            "name": "750-852"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-885: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00011"
                }
              }
            ],
            "category": "product_name",
            "name": "750-885"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW07",
                "product": {
                  "name": "750-873: firmware versions prior to FW07",
                  "product_id": "CSAFPID-00012"
                }
              }
            ],
            "category": "product_name",
            "name": "750-873"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-889: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00013"
                }
              }
            ],
            "category": "product_name",
            "name": "750-889"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-330: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00014"
                }
              }
            ],
            "category": "product_name",
            "name": "750-330"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-352: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00015"
                }
              }
            ],
            "category": "product_name",
            "name": "750-352"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c FW14",
                "product": {
                  "name": "750-831: firmware versions prior to FW14",
                  "product_id": "CSAFPID-00016"
                }
              }
            ],
            "category": "product_name",
            "name": "750-831"
          }
        ],
        "category": "vendor",
        "name": "WAGO"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10712",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "By exploiting the undocumented service access, it is possible to change the settings of a device and access web-based management with administrator privileges. An attacker can exploit this vulnerability to lock other users out from the device or open closed network ports. It is also possible to use this service access as an FTP user and exchange or delete the application.CVE-2019-10712 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10712"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "WAGO released a security advisory available at:https://www.wago.com/de/download/public/Sicherheitshinweis-SA-SYS-2019-001/SA-SYS-2019-001.pdf",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ],
          "url": "https://www.wago.com/de/download/public/Sicherheitshinweis-SA-SYS-2019-001/SA-SYS-2019-001.pdf"
        },
        {
          "category": "mitigation",
          "details": "Restrict network access to the web server.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "mitigation",
          "details": "Restrict network access to the device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not directly connect the device to the Internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "mitigation",
          "details": "CERT@VDE has published an advisory regarding this vulnerability at the following location:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2019-008"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ]
    }
  ]
}

GHSA-R6GG-5RM9-XP64

Vulnerability from github – Published: 2022-05-24 16:45 – Updated: 2022-05-24 16:45

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-10712"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-07T22:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.",
  "id": "GHSA-r6gg-5rm9-xp64",
  "modified": "2022-05-24T16:45:19Z",
  "published": "2022-05-24T16:45:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10712"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/108482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201905-1110

Vulnerability from variot - Updated: 2023-12-18 13:47

The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. Wago series 750-88x and 750-87x The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state.

WAGO Series 750-88x and 750-87x have a vulnerability in trust management issues. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates and other attacks. Components. Successfully exploiting this issue allows a remote attacker to change the settings or alter the programming of the device. The following versions of Series 750-88x and 750-87x are affected: 750-330 firmware versions prior to FW14 750-352 firmware versions prior to FW14 750-829 firmware versions prior to FW14 750-831 firmware versions prior to FW14 750-852 firmware versions prior to FW14 750-880 firmware versions prior to FW14 750-881 firmware versions prior to FW14 750-882 firmware versions prior to FW14 750-884 firmware versions prior to FW14 750-885 firmware versions prior to FW14 750-889 firmware versions prior to FW14 750-830 firmware versions prior to FW06 750-849 firmware versions prior to FW08 750-871 firmware versions prior to FW11 750-872 firmware versions prior to FW07 750-873 firmware versions prior to FW07

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1110",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "750-881",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-885",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-831",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-852",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-882",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-880",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-884",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-829",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-872",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "07"
      },
      {
        "model": "750-871",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "11"
      },
      {
        "model": "750-873",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "07"
      },
      {
        "model": "750-889",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-330",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-830",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "06"
      },
      {
        "model": "750-352",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "14"
      },
      {
        "model": "750-849",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "wago",
        "version": "08"
      },
      {
        "model": "750-330",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-352",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-829",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-830",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-831",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-849",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-852",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-871",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-872",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "750-873",
        "scope": null,
        "trust": 0.8,
        "vendor": "wago",
        "version": null
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-330"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-352"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-829"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-831"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-852"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-880"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-881"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-882"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-884"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-885"
      },
      {
        "model": "\u003cfw14",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-889"
      },
      {
        "model": "\u003cfw06",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-830"
      },
      {
        "model": "\u003cfw08",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-849"
      },
      {
        "model": "\u003cfw11",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-871"
      },
      {
        "model": "\u003cfw07",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-872"
      },
      {
        "model": "\u003cfw07",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "wago",
        "version": "750-873"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8890"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8850"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8840"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8820"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8810"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8800"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8730"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8720"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8710"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8520"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8490"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8310"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8300"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-8290"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-3520"
      },
      {
        "model": "series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-3300"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88914"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88514"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88414"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88214"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88114"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-88014"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-87307"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-87207"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-87111"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-85214"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-84908"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-83114"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-83006"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-82914"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-35214"
      },
      {
        "model": "series",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "wago",
        "version": "750-33014"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "BID",
        "id": "108482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "06",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "07",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "07",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "J??rn Schneeweisz/Recurity Labs,Reported by J?rn Schneeweisz/Recurity Labs to CERT-Bund coordinated by CERT@VDE with NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10712",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2019-10712",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-36951",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10712",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-10712",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-36951",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-768",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10712",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. Wago series 750-88x and 750-87x The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \n\r\n\r\nWAGO Series 750-88x and 750-87x have a vulnerability in trust management issues. The vulnerability stems from the lack of effective trust management mechanisms in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates and other attacks. Components. \nSuccessfully exploiting this issue allows a remote attacker to change the settings or alter the programming of the device. \nThe following versions of Series 750-88x and 750-87x are affected:\n750-330 firmware versions prior to FW14\n750-352 firmware versions prior to FW14\n750-829 firmware versions prior to FW14\n750-831 firmware versions prior to FW14\n750-852 firmware versions prior to FW14\n750-880 firmware versions prior to FW14\n750-881 firmware versions prior to FW14\n750-882 firmware versions prior to FW14\n750-884 firmware versions prior to FW14\n750-885 firmware versions prior to FW14\n750-889 firmware versions prior to FW14\n750-830 firmware versions prior to FW06\n750-849 firmware versions prior to FW08\n750-871 firmware versions prior to FW11\n750-872 firmware versions prior to FW07\n750-873 firmware versions prior to FW07",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "BID",
        "id": "108482"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10712",
        "trust": 3.4
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2019-008",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-106-02",
        "trust": 2.4
      },
      {
        "db": "BID",
        "id": "108482",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1311",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "db": "BID",
        "id": "108482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "id": "VAR-201905-1110",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      }
    ],
    "trust": 1.438023100909091
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:47:55.348000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://global.wago.com/jp/"
      },
      {
        "title": "Patch for WAGO 750-88x Series and WAGO 750-87x Series Trust Management Issue Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/225033"
      },
      {
        "title": "WAGO 750-88x Series  and WAGO 750-87x Series Repair measures for trust management problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91566"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-798",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://www.securityfocus.com/bid/108482"
      },
      {
        "trust": 2.5,
        "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10712"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 1.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-106-02"
      },
      {
        "trust": 0.9,
        "url": "http://www.wago.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10712"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-106-02"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-106-02"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3ccommits.cassandra.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/79170"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/798.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "db": "BID",
        "id": "108482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "db": "BID",
        "id": "108482"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-07-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "date": "2019-05-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "date": "2019-05-28T00:00:00",
        "db": "BID",
        "id": "108482"
      },
      {
        "date": "2019-06-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "date": "2019-05-07T22:29:00.207000",
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "date": "2019-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-07-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "date": "2023-11-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10712"
      },
      {
        "date": "2019-05-28T00:00:00",
        "db": "BID",
        "id": "108482"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004431"
      },
      {
        "date": "2023-11-07T03:02:32.620000",
        "db": "NVD",
        "id": "CVE-2019-10712"
      },
      {
        "date": "2020-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WAGO 750-88x Series and WAGO 750-87x Series Trust Management Issue Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-36951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-768"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2019-10712

Vulnerability from fkie_nvd - Published: 2019-05-07 22:29 - Updated: 2024-11-21 04:19

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/108482
cve@mitre.org	https://cert.vde.com/de-de/advisories/vde-2019-008	Third Party Advisory
cve@mitre.org	https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E
cve@mitre.org	https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108482
af854a3a-2127-422b-91ae-364da2661108	https://cert.vde.com/de-de/advisories/vde-2019-008	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E

Impacted products

Vendor	Product	Version
wago	750-830_firmware	*
wago	750-830	-
wago	750-849_firmware	*
wago	750-849	-
wago	750-871_firmware	*
wago	750-871	-
wago	750-872_firmware	*
wago	750-872	-
wago	750-873_firmware	*
wago	750-873	-
wago	750-330_firmware	*
wago	750-330	-
wago	750-352_firmware	*
wago	750-352	-
wago	750-829_firmware	*
wago	750-829	-
wago	750-831_firmware	*
wago	750-831	-
wago	750-852_firmware	*
wago	750-852	-
wago	750-880_firmware	*
wago	750-880	-
wago	750-881_firmware	*
wago	750-881	-
wago	750-882_firmware	*
wago	750-882	-
wago	750-884_firmware	*
wago	750-884	-
wago	750-885_firmware	*
wago	750-885	-
wago	750-889_firmware	*
wago	750-889	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BBF6F1C-BE8B-446F-9F88-EE663E87A837",
              "versionEndExcluding": "06",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "535D9B38-A7F3-47A8-9107-30BCB67AA38A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D001AA5F-B765-4B96-8FD4-1C2FF596609D",
              "versionEndExcluding": "08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "408CF00F-D4F8-493C-B3F8-889E63E8EE9C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "076BEC2A-AA3E-4916-A5E1-304EAC6802FC",
              "versionEndExcluding": "11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF67808-FAD2-4504-91AB-3545AC650053",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34539AFB-A7AD-4684-9AEA-C9AC0CE3E06E",
              "versionEndExcluding": "07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1071B49C-C632-4E24-84AD-D7921970369A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0284154D-CD73-42B2-9866-3145DBB5EDD9",
              "versionEndExcluding": "07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B31C89-B021-4390-B50F-9D4DE9E80C71",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79C49B6-7004-44BB-A74E-9349A0CB692E",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E75CD3-9934-44E2-8B43-D7490741AA27",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E001859-A338-43DA-877E-C43F57E7F9AD",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C0865A4-6C89-4470-98E3-7E90BDF94D15",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2A6682-1879-4BA1-A253-2E0B386EC962",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F88F6E08-2D1B-4B34-B8DB-40292C0BBEB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3631065F-27D6-4217-84EA-A8B40CC1F38F",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0631884-FF6F-4AA9-9D76-CDECB5A738FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E940C38-F03A-4D81-9AEA-C3CAC90916E8",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6739E1-EF0B-48EE-90FC-5708756FC362",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5974664-66D9-45BC-8977-98E3CE1D282F",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFEAC4D9-15CF-44B8-844D-C012AA4637A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B66D0B-53CF-4018-831A-5A67CBA51B14",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FE51647-62C1-4D3C-91FA-13ACA6CD71D2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BC71AA4-B3F4-40AE-8BEF-C45FECF79359",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1379D65-F376-4618-B708-5E59D64C8033",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B52C0C64-C91C-4B4C-80A7-CF19BC7CF15B",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E1FF30-AA64-4EEB-8A7E-E6C118BB638E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C479541-01CF-4CA6-B35F-80D6DC756AFE",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7712F56E-AEBA-4DE0-9172-26F3D29B369B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF2B7B07-532C-4D7B-B168-A9C3700EE8DD",
              "versionEndExcluding": "14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57919AAB-2962-4543-810A-C143300351F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Web-GUI de las series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) y 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) de WAGO disponen de acceso a servicios no documentados."
    }
  ],
  "id": "CVE-2019-10712",
  "lastModified": "2024-11-21T04:19:47.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-07T22:29:00.207",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/108482"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2%40%3Ccommits.cassandra.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1%40%3Ccommits.cassandra.apache.org%3E"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2019-10712

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-10712

Aliases

CVE-2019-10712

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10712",
    "description": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.",
    "id": "GSD-2019-10712"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10712"
      ],
      "details": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access.",
      "id": "GSD-2019-10712",
      "modified": "2023-12-13T01:23:59.293005Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-10712",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert.vde.com/de-de/advisories/vde-2019-008",
            "refsource": "MISC",
            "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
          },
          {
            "name": "108482",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/108482"
          },
          {
            "name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E"
          },
          {
            "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-830_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "06",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-830:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-849_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-849:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-871_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-871:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-872_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "07",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-872:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-873_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "07",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-873:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-330_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-330:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-352_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-352:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-884_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-884:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "14",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-10712"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-798"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/de-de/advisories/vde-2019-008",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://cert.vde.com/de-de/advisories/vde-2019-008"
            },
            {
              "name": "108482",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/108482"
            },
            {
              "name": "[cassandra-commits] 20200407 [jira] [Created] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r25e25973e9577c62fd0221b4b52990851adf11cbe33036bd67d4b13d@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200413 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/ra37700b842790883b9082e6b281fb7596f571b13078a4856cd38f2c2@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Updated] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r37eb6579fa0bf94a72b6c978e2fee96f68a2b1b3ac1b1ce60aee86cf@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200420 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rb47911c179c9f3e8ea3f134b5645e63cd20c6fc63bd0b43ab5864bd1@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r386966780034aadee69ffd82d44555117c9339545b9ce990fe490a3e@%3Ccommits.cassandra.apache.org%3E"
            },
            {
              "name": "[cassandra-commits] 20200901 [jira] [Commented] (CASSANDRA-15701) Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r80e8882c86c9c17a57396a5ef7c4f08878d629a0291243411be0de3a@%3Ccommits.cassandra.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-10-01T11:15Z",
      "publishedDate": "2019-05-07T22:29Z"
    }
  }
}

CNVD-2020-36951

Vulnerability from cnvd - Published: 2020-07-09

Title

WAGO 750-88x Series和WAGO 750-87x Series信任管理问题漏洞

Description

WAGO 750-88x Series和WAGO 750-87x Series都是德国WAGO公司的产品。WAGO 750-88x Series是一款750-88x系列可编程逻辑控制器。WAGO 750-87x Series是一款750-87x系列可编程逻辑控制器。 WAGO Series 750-88x和750-87x中存在信任管理问题漏洞，该漏洞源于网络系统或产品中缺乏有效的信任管理机制，攻击者可利用默认密码或者硬编码密码、硬编码证书等攻击受影响组件。

Severity

高

Patch Name

WAGO 750-88x Series和WAGO 750-87x Series信任管理问题漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.wago.com/de/download/public/Sicherheitshinweis-SA-SYS-2019-001/SA-SYS-2019-001.pdf

Reference

https://us-cert.cisa.gov/ics/advisories/ICSA-19-106-02

Impacted products

Name
['WAGO 750-330 <FW14', 'WAGO 750-352 <FW14', 'WAGO 750-829 <FW14', 'WAGO 750-831 <FW14', 'WAGO 750-852 <FW14', 'WAGO 750-880 <FW14', 'WAGO 750-881 <FW14', 'WAGO 750-882 <FW14', 'WAGO 750-884 <FW14', 'WAGO 750-885 <FW14', 'WAGO 750-889 <FW14', 'WAGO 750-830 <FW06', 'WAGO 750-849 <FW08', 'WAGO 750-871 <FW11', 'WAGO 750-872 <FW07', 'WAGO 750-873 <FW07']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-10712",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10712"
    }
  },
  "description": "WAGO 750-88x Series\u548cWAGO 750-87x Series\u90fd\u662f\u5fb7\u56fdWAGO\u516c\u53f8\u7684\u4ea7\u54c1\u3002WAGO 750-88x Series\u662f\u4e00\u6b3e750-88x\u7cfb\u5217\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002WAGO 750-87x Series\u662f\u4e00\u6b3e750-87x\u7cfb\u5217\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002\n\nWAGO Series 750-88x\u548c750-87x\u4e2d\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u4e4f\u6709\u6548\u7684\u4fe1\u4efb\u7ba1\u7406\u673a\u5236\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u9ed8\u8ba4\u5bc6\u7801\u6216\u8005\u786c\u7f16\u7801\u5bc6\u7801\u3001\u786c\u7f16\u7801\u8bc1\u4e66\u7b49\u653b\u51fb\u53d7\u5f71\u54cd\u7ec4\u4ef6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.wago.com/de/download/public/Sicherheitshinweis-SA-SYS-2019-001/SA-SYS-2019-001.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-36951",
  "openTime": "2020-07-09",
  "patchDescription": "WAGO 750-88x Series\u548cWAGO 750-87x Series\u90fd\u662f\u5fb7\u56fdWAGO\u516c\u53f8\u7684\u4ea7\u54c1\u3002WAGO 750-88x Series\u662f\u4e00\u6b3e750-88x\u7cfb\u5217\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002WAGO 750-87x Series\u662f\u4e00\u6b3e750-87x\u7cfb\u5217\u53ef\u7f16\u7a0b\u903b\u8f91\u63a7\u5236\u5668\u3002\r\n\r\nWAGO Series 750-88x\u548c750-87x\u4e2d\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u4e4f\u6709\u6548\u7684\u4fe1\u4efb\u7ba1\u7406\u673a\u5236\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u9ed8\u8ba4\u5bc6\u7801\u6216\u8005\u786c\u7f16\u7801\u5bc6\u7801\u3001\u786c\u7f16\u7801\u8bc1\u4e66\u7b49\u653b\u51fb\u53d7\u5f71\u54cd\u7ec4\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "WAGO 750-88x Series\u548cWAGO 750-87x Series\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "WAGO 750-330 \u003cFW14",
      "WAGO 750-352 \u003cFW14",
      "WAGO 750-829 \u003cFW14",
      "WAGO 750-831 \u003cFW14",
      "WAGO 750-852 \u003cFW14",
      "WAGO 750-880 \u003cFW14",
      "WAGO 750-881 \u003cFW14",
      "WAGO 750-882 \u003cFW14",
      "WAGO 750-884 \u003cFW14",
      "WAGO 750-885 \u003cFW14",
      "WAGO 750-889 \u003cFW14",
      "WAGO 750-830 \u003cFW06",
      "WAGO 750-849 \u003cFW08",
      "WAGO 750-871 \u003cFW11",
      "WAGO 750-872 \u003cFW07",
      "WAGO 750-873 \u003cFW07"
    ]
  },
  "referenceLink": "https://us-cert.cisa.gov/ics/advisories/ICSA-19-106-02",
  "serverity": "\u9ad8",
  "submitTime": "2019-04-18",
  "title": "WAGO 750-88x Series\u548cWAGO 750-87x Series\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-10712 (GCVE-0-2019-10712)

ICSA-19-106-02

GHSA-R6GG-5RM9-XP64

VAR-201905-1110

FKIE_CVE-2019-10712

GSD-2019-10712

CNVD-2020-36951

Tags

Sightings

Nomenclature