Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-18	CVE-2019-10998	Improper Authentication vulnerability in Phoenixcontact products An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. low complexity phoenixcontact CWE-287	6.8
2019-06-17	CVE-2019-10997	Unspecified vulnerability in Phoenixcontact products An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. network high complexity phoenixcontact	5.9
2019-05-07	CVE-2018-13991	Information Exposure vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. network low complexity phoenixcontact CWE-200	5.3
2018-05-17	CVE-2018-10729	Information Exposure vulnerability in Phoenixcontact products All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user. network low complexity phoenixcontact CWE-200	5.3
2018-01-12	CVE-2017-16741	Information Exposure vulnerability in Phoenixcontact products An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. network low complexity phoenixcontact CWE-200	5.3
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local high complexity intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	5.6
2017-12-11	CVE-2017-16723	Cross-site Scripting vulnerability in Phoenixcontact products A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions prior to 1.99, 2.20, or 2.40). network low complexity phoenixcontact CWE-79	6.1
2017-08-08	CVE-2017-10198	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network high complexity oracle phoenixcontact debian netapp redhat	6.8
2017-08-08	CVE-2017-10135	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). network high complexity oracle debian phoenixcontact redhat netapp	5.9
2017-08-08	CVE-2017-10108	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). network low complexity oracle debian phoenixcontact redhat netapp	5.3