First published: Wed Apr 22 2020(Updated: )
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).
Credit: cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Abb Tg\/s3.2 Firmware | ||
Abb Tg\/s3.2 | ||
Busch-jaeger 6186\/11 Firmware | ||
Busch-jaeger 6186\/11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-19107 is a vulnerability in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway that allows the password to be transferred in plaintext.
CVE-2019-19107 has a severity rating of 5.5 (medium).
ABB Telephone Gateway TG/S 3.2 firmware and Busch-Jaeger 6186/11 firmware are affected by CVE-2019-19107.
To mitigate CVE-2019-19107, it is recommended to update the firmware of ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway to the latest version provided by the vendor.
More information about CVE-2019-19107 can be found at the following reference link: [https://search.abb.com/library/Download.aspx?DocumentID=9AKK107680A3921&LanguageCode=en&DocumentPartId=&Action=Launch](https://search.abb.com/library/Download.aspx?DocumentID=9AKK107680A3921&LanguageCode=en&DocumentPartId=&Action=Launch)