Vulnerability Details CVE-2019-6853
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-6853
-
cpe:2.3:h:schneider-electric:andover_continuum_5720:-
-
cpe:2.3:h:schneider-electric:andover_continuum_5740:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9200:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9680:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9702:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9900:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9924:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9940:-
-
cpe:2.3:h:schneider-electric:andover_continuum_9941:-
-
cpe:2.3:h:schneider-electric:andover_continuum_bcx4040:-
-
cpe:2.3:h:schneider-electric:andover_continuum_bcx9640:-
-
cpe:2.3:o:schneider-electric:andover_continuum_5720_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_5740_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9200_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9680_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9702_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9900_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9924_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9940_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_9941_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_bcx4040_firmware:-
-
cpe:2.3:o:schneider-electric:andover_continuum_bcx9640_firmware:-