CVE-2019-6846
First published: Tue Oct 29 2019(Updated: )
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Modicon M580 Firmware | ||
| Schneider-electric Modicon M580 | ||
| Schneider-electric Modicon M340 Firmware | ||
| Schneider-electric Modicon M340 | ||
| Schneider-electric Modicon Bmxcra Firmware | ||
| Schneider-electric Modicon Bmxcra | ||
| Schneider-electric Modicon 140cra Firmware | ||
| Schneider-electric Modicon 140cra |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability CVE-2019-6846?
The vulnerability CVE-2019-6846 is a CWE-319: Cleartext Transmission of Sensitive Information vulnerability that exists in Modicon M580, Modicon M340, Modicon BMxCRA, and 140CRA modules when using the FTP protocol.
What software is affected by CVE-2019-6846?
The following software is affected by CVE-2019-6846: Schneider-electric Modicon M580 Firmware, Schneider-electric Modicon M340 Firmware, Schneider-electric Modicon Bmxcra Firmware, and Schneider-electric Modicon 140cra Firmware.
What is the severity of CVE-2019-6846?
CVE-2019-6846 has a severity level of medium with a severity value of 6.5.
How can I fix CVE-2019-6846?
To fix CVE-2019-6846, it is recommended to apply the necessary firmware updates provided by Schneider Electric.
Where can I find more information about CVE-2019-6846?
You can find more information about CVE-2019-6846 at the following link: https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-281-02
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/schneider-electric
- canonical/schneider-electric modicon m580 firmware
- canonical/schneider-electric modicon m580
- canonical/schneider-electric modicon m340 firmware
- canonical/schneider-electric modicon m340
- canonical/schneider-electric modicon bmxcra firmware
- canonical/schneider-electric modicon bmxcra
- canonical/schneider-electric modicon 140cra firmware
- canonical/schneider-electric modicon 140cra