Vulnerabilities > Phoenixcontact > FL Switch 3005 Firmware > 1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-07 | CVE-2018-13994 | Resource Exhaustion vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | 7.5 |
2019-05-07 | CVE-2018-13993 | Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | 8.8 |
2019-05-07 | CVE-2018-13992 | Missing Encryption of Sensitive Data vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. | 9.8 |
2019-05-07 | CVE-2018-13991 | Information Exposure vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | 5.3 |
2019-05-06 | CVE-2018-13990 | Improper Authentication vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. | 9.8 |
2018-01-12 | CVE-2017-16743 | Incorrect Authorization vulnerability in Phoenixcontact products An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. | 9.8 |
2018-01-12 | CVE-2017-16741 | Information Exposure vulnerability in Phoenixcontact products An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. | 5.3 |