11 results (0.017 seconds)

CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. La interfaz web de usuario de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones desde 1.0 hasta 1.34, es vulnerable a un ataque de denegación de servicio al realizar mas de 120 conexiones. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.8EPSS: 0%CPEs: 58EXPL: 0

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 es propenso a CSRF • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 permite la transmisión de texto plano (HTTP) de las credenciales de usuario por defecto. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-311: Missing Encryption of Sensitive Data •

CVSS: 5.3EPSS: 0%CPEs: 58EXPL: 0

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 filtra información privada en imágenes de firmware. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones anteriores a la 1.35 es vulnerable a ataques de fuerza bruta, debido a la Restricción Inapropiada de los Intentos de Autenticación Excesivos. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-287: Improper Authentication •