First published: Wed Nov 20 2019(Updated: )
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.
Credit: cybersecurity@se.com
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Andover Continuum 9680 Firmware | ||
Schneider-electric Andover Continuum 9680 | ||
Schneider-electric Andover Continuum 5740 Firmware | ||
Schneider-electric Andover Continuum 5740 | ||
Schneider-electric Andover Continuum 5720 Firmware | ||
Schneider-electric Andover Continuum 5720 | ||
Schneider-electric Andover Continuum Bcx4040 Firmware | ||
Schneider-electric Andover Continuum Bcx4040 | ||
Schneider-electric Andover Continuum Bcx9640 Firmware | ||
Schneider-electric Andover Continuum Bcx9640 | ||
Schneider-electric Andover Continuum 9900 Firmware | ||
Schneider-electric Andover Continuum 9900 | ||
Schneider-electric Andover Continuum 9940 Firmware | ||
Schneider-electric Andover Continuum 9940 | ||
Schneider-electric Andover Continuum 9941 Firmware | ||
Schneider-electric Andover Continuum 9941 | ||
Schneider-electric Andover Continuum 9924 Firmware | ||
Schneider-electric Andover Continuum 9924 | ||
Schneider-electric Andover Continuum 9702 Firmware | ||
Schneider-electric Andover Continuum 9702 | ||
Schneider-electric Andover Continuum 9200 Firmware | ||
Schneider-electric Andover Continuum 9200 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-6853.
The title of the vulnerability is 'A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum'.
The severity level of CVE-2019-6853 is medium (6.1).
The Andover Continuum models 9680, 5740, 5720, bCX4040, bCX9640, 9900, 9940, 9924, and 9702 are affected by CVE-2019-6853.
CVE-2019-6853 can be exploited through a successful Cross-site Scripting (XSS) attack when using the product's web server.