A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-343-03/ | Vendor Advisory |
https://www.se.com/ww/en/download/document/SEVD-2020-343-03/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
History
21 Nov 2024, 05:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.se.com/ww/en/download/document/SEVD-2020-343-03/ - Vendor Advisory |
10 Apr 2024, 12:28
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric modicon M340 Bmxp3420102 Firmware
Schneider-electric modicon M340 Bmxp342000 Firmware Schneider-electric modicon M340 Bmxp342000 Schneider-electric modicon M340 Bmxp341000 Firmware Schneider-electric modicon M340 Bmxp3420302cl Schneider-electric modicon M340 Bmxp342020 Schneider-electric modicon M340 Bmxp341000 Schneider-electric modicon M340 Bmxp3420102cl Schneider-electric modicon M340 Bmxp342020 Firmware Schneider-electric modicon M340 Bmxp3420302cl Firmware Schneider-electric modicon M340 Bmxp3420102 Schneider-electric modicon M340 Bmxp3420102cl Firmware Schneider-electric modicon M340 Bmxp3420302 Schneider-electric modicon M340 Bmxp3420302 Firmware |
|
CPE | cpe:2.3:h:schneider-electric:bmxp342000:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp3420302cl_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp3420102:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp3420102_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp3420102cl_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp3420302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp342000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp342020_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp341000:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxp341000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp3420102cl:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp342020:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxp3420302:-:*:*:*:*:*:*:* |
cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:* |
Information
Published : 2020-12-11 01:15
Updated : 2024-11-21 05:37
NVD link : CVE-2020-7541
Mitre link : CVE-2020-7541
CVE.ORG link : CVE-2020-7541
JSON object : View
Products Affected
schneider-electric
- modicon_m340_bmxp341000
- 140noc78100_firmware
- modicon_m340_bmxp3420102cl_firmware
- tsxety5103
- modicon_m340_bmxp342000
- modicon_m340_bmxp3420302cl
- modicon_m340_bmxp3420102_firmware
- tsxp576634
- tsxety4103_firmware
- bmxnoe0110
- 140noc78000_firmware
- modicon_m340_bmxp341000_firmware
- modicon_m340_bmxp342020_firmware
- tsxety4103
- 140noe77111
- bmxnoc0401_firmware
- modicon_m340_bmxp342000_firmware
- tsxp574634
- tsxp576634_firmware
- 140noc78100
- 140cpu65150_firmware
- modicon_m340_bmxp3420302cl_firmware
- bmxnoe0100
- tsxp575634_firmware
- tsxp575634
- bmxnoe0100_firmware
- modicon_m340_bmxp3420302_firmware
- 140noc77101
- 140noc78000
- tsxety5103_firmware
- tsxp574634_firmware
- 140cpu65150
- modicon_m340_bmxp3420102cl
- modicon_m340_bmxp3420102
- 140noe77111_firmware
- bmxnoe0110_firmware
- modicon_m340_bmxp342020
- 140noc77101_firmware
- bmxnoc0401
- modicon_m340_bmxp3420302
CWE
CWE-425
Direct Request ('Forced Browsing')