A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.
Max CVSS
7.5
EPSS Score
0.17%
Published
2019-10-29
Updated
2022-02-03
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when reading specific registers with the REST API of the controller/communication module.
Max CVSS
7.5
EPSS Score
0.17%
Published
2019-10-29
Updated
2019-11-01
A CWE-200: Information Exposure vulnerability exists in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321, which could cause the disclosure of sensitive information when using specific Modbus services provided by the REST API of the controller/communication module.
Max CVSS
7.5
EPSS Score
0.17%
Published
2019-10-29
Updated
2019-11-01
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol.
Max CVSS
6.5
EPSS Score
0.16%
Published
2019-10-29
Updated
2022-02-03
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus
Max CVSS
7.5
EPSS Score
0.26%
Published
2019-05-22
Updated
2022-02-03
A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus.
Max CVSS
7.5
EPSS Score
0.24%
Published
2019-05-22
Updated
2022-02-03
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!