Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2019-6814
Analyzed
More InfoOfficial Page
Source-cybersecurity@se.com
View Known Exploited Vulnerability (KEV) details
Published At-22 May, 2019 | 20:29
Updated At-03 Sep, 2022 | 03:47

A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Schneider Electric SE
schneider-electric
>>net5501_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5501_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5501>>-
cpe:2.3:h:schneider-electric:net5501:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5501-i_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5501-i_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5501-i>>-
cpe:2.3:h:schneider-electric:net5501-i:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5501-xt_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5501-xt_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5501-xt>>-
cpe:2.3:h:schneider-electric:net5501-xt:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5504_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5504_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5504>>-
cpe:2.3:h:schneider-electric:net5504:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5500_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5500_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5500>>-
cpe:2.3:h:schneider-electric:net5500:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5516_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5516_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5516>>-
cpe:2.3:h:schneider-electric:net5516:-:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5508_firmware>>Versions before 2.1.9.7(exclusive)
cpe:2.3:o:schneider-electric:net5508_firmware:*:*:*:*:*:*:*:*
Schneider Electric SE
schneider-electric
>>net5508>>-
cpe:2.3:h:schneider-electric:net5508:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE-287Secondarycybersecurity@se.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.se.com/ww/en/download/document/SEVD-2019-134-01/cybersecurity@se.com
Vendor Advisory
Change History
0Changes found
Details not found