CVE-2019-5107
First published: Tue Mar 10 2020(Updated: )
A cleartext transmission vulnerability exists in the network communication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to network traffic can easily intercept, interpret, and manipulate data coming from, or destined for e!Cockpit. This includes passwords, configurations, and binaries being transferred to endpoints.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wago E!cockpit | =1.5.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-5107?
CVE-2019-5107 is classified as a high severity vulnerability due to its potential for exposing sensitive data.
How do I fix CVE-2019-5107?
To fix CVE-2019-5107, it is recommended to upgrade WAGO e!Cockpit to a more secure version that addresses this cleartext transmission issue.
What types of data are affected by CVE-2019-5107?
CVE-2019-5107 affects sensitive data such as passwords and configuration information being transmitted over the network.
Can CVE-2019-5107 be exploited remotely?
Yes, CVE-2019-5107 can be exploited by an attacker who has access to the network traffic, allowing them to intercept and manipulate data.
Which software version is impacted by CVE-2019-5107?
CVE-2019-5107 specifically impacts WAGO e!Cockpit version 1.5.1.1.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/wago
- canonical/wago e!cockpit
- version/wago e!cockpit/1.5.1.1