Vulnerabilities > CVE-2015-6472 - Credentials Management vulnerability in Wago products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 6 | |
Hardware | 3 |
Common Weakness Enumeration (CWE)
Packetstorm
data source | https://packetstormsecurity.com/files/download/136077/wago-credsprivdisclose.txt |
id | PACKETSTORM:136077 |
last seen | 2016-12-05 |
published | 2016-03-04 |
reporter | Karn Ganeshen |
source | https://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html |
title | WAGO IO PLC 758-870 / 750-849 Credential Management / Privilege Separation |
References
- http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html
- http://packetstormsecurity.com/files/136077/WAGO-IO-PLC-758-870-750-849-Credential-Management-Privilege-Separation.html
- http://seclists.org/fulldisclosure/2016/Mar/4
- http://seclists.org/fulldisclosure/2016/Mar/4
- http://www.securityfocus.com/bid/84138
- http://www.securityfocus.com/bid/84138