CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2018-13994
https://notcve.org/view.php?id=CVE-2018-13994
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. La interfaz web de usuario de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones desde 1.0 hasta 1.34, es vulnerable a un ataque de denegación de servicio al realizar mas de 120 conexiones. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-13993
https://notcve.org/view.php?id=CVE-2018-13993
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 es propenso a CSRF • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-13992
https://notcve.org/view.php?id=CVE-2018-13992
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 permite la transmisión de texto plano (HTTP) de las credenciales de usuario por defecto. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.3EPSS: 0%CPEs: 58EXPL: 0CVE-2018-13991
https://notcve.org/view.php?id=CVE-2018-13991
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones 1.0 a 1.34 filtra información privada en imágenes de firmware. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-13990
https://notcve.org/view.php?id=CVE-2018-13990
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. El WebUI de PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versiones anteriores a la 1.35 es vulnerable a ataques de fuerza bruta, debido a la Restricción Inapropiada de los Intentos de Autenticación Excesivos. • http://www.securityfocus.com/bid/106737 https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02 • CWE-287: Improper Authentication •