Vulnerability Details CVE-2019-6814
A CWE-287: Improper Authentication vulnerability exists in the NET55XX Encoder with firmware prior to version 2.1.9.7 which could cause impact to confidentiality, integrity, and availability when a remote attacker crafts a malicious request to the encoder webUI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.669
EPSS Ranking 98.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-6814
-
cpe:2.3:h:schneider-electric:net5500:-
-
cpe:2.3:h:schneider-electric:net5501-i:-
-
cpe:2.3:h:schneider-electric:net5501-xt:-
-
cpe:2.3:h:schneider-electric:net5501:-
-
cpe:2.3:h:schneider-electric:net5504:-
-
cpe:2.3:h:schneider-electric:net5508:-
-
cpe:2.3:h:schneider-electric:net5516:-
-
cpe:2.3:o:schneider-electric:net5500_firmware:*
-
cpe:2.3:o:schneider-electric:net5501-i_firmware:*
-
cpe:2.3:o:schneider-electric:net5501-xt_firmware:*
-
cpe:2.3:o:schneider-electric:net5501_firmware:*
-
cpe:2.3:o:schneider-electric:net5504_firmware:*
-
cpe:2.3:o:schneider-electric:net5508_firmware:*
-
cpe:2.3:o:schneider-electric:net5516_firmware:*