CVE-2019-5106

Published: Mar 10, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text.

Vendor	Product	Versions
Wago	WAGO e!Cockpit	affected `1.5.1.1`

References

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0898

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-5106

Description

Affected Products

References