Vulnerabilities > Phoenixcontact
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-24 | CVE-2019-12870 | Access of Uninitialized Pointer vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-06-24 | CVE-2019-12869 | Out-of-bounds Read vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-06-24 | CVE-2019-12871 | Use After Free vulnerability in Phoenixcontact Automationworx Software Suite 1.81/1.84/1.86 An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. | 8.8 |
| 2019-06-18 | CVE-2019-10998 | Improper Authentication vulnerability in Phoenixcontact products An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. | 6.8 |
| 2019-06-17 | CVE-2019-10997 | Unspecified vulnerability in Phoenixcontact products An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. | 5.9 |
| 2019-05-07 | CVE-2018-13994 | Resource Exhaustion vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | 7.5 |
| 2019-05-07 | CVE-2018-13993 | Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | 8.8 |
| 2019-05-07 | CVE-2018-13992 | Missing Encryption of Sensitive Data vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. | 9.8 |
| 2019-05-07 | CVE-2018-13991 | Information Exposure vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | 5.3 |
| 2019-05-06 | CVE-2018-13990 | Improper Authentication vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. | 9.8 |