QwikSec

Security Database

CVE

CWE

Training

CVE-2018-13990

Published: May 6, 2019

Modified: Aug 5, 2024

PUBLISHED

CVSS v3.0

8.6

HIGH

Description

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AC:L/AV:N/A:L/C:H/I:L/PR:N/S:U/UI:N

Attack Complexity

Low

Attack Vector

Network

Availability

Low

Confidentiality

High

Integrity

Low

Privileges Required

None

Scope

Unchanged

User Interaction

None

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-024-02

x_refsource_MISC

http://www.securityfocus.com/bid/106737

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.