Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-05	CVE-2016-8366	Credentials Management vulnerability in Phoenixcontact ILC Plcs Firmware Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. network low complexity phoenixcontact CWE-255	5.0
2018-01-30	CVE-2018-5441	Improper Input Validation vulnerability in Phoenixcontact products An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. local low complexity phoenixcontact CWE-20	4.6
2018-01-12	CVE-2017-16741	Information Exposure vulnerability in Phoenixcontact products An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. network low complexity phoenixcontact CWE-200	5.0
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	4.7
2017-12-11	CVE-2017-16723	Cross-site Scripting vulnerability in Phoenixcontact products A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions prior to 1.99, 2.20, or 2.40). network phoenixcontact CWE-79	4.3
2017-08-08	CVE-2017-10198	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network high complexity oracle phoenixcontact debian netapp redhat	6.8
2017-08-08	CVE-2017-10135	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). network high complexity oracle debian phoenixcontact redhat netapp	5.9
2017-08-08	CVE-2017-10108	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). network low complexity oracle debian phoenixcontact redhat netapp	5.3
2017-08-08	CVE-2017-10078	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). network low complexity oracle debian redhat phoenixcontact netapp	5.5
2017-08-08	CVE-2017-10053	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). network low complexity oracle debian redhat netapp phoenixcontact	5.0