How severe is CVE-2019-13944?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2019-13944?

This is classified as CWE-23, which is a common weakness in software security.

CVE-2019-13944 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). A vulnerability in the integrated web server of the affected devices could allow unauthorized attackers to obtain sensitive information about the device, including logs and configurations. At the time of advisory publication no public exploitation of this security vulnerability was known.

Related Vulnerabilities

CVE-2018-18990

MEDIUM

CVSS:5.3(Medium)

LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information u...

CWE-232018

CVE-2021-29488

MEDIUM

CVSS:5.3(Medium)

SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the `filesystem.renamer()` function into writing downloaded files outside the configured Downloa...

CWE-232021

CVE-2021-32964

MEDIUM

CVSS:5.3(Medium)

The AGG Software Web Server version 4.0.40.1014 and prior is vulnerable to a path traversal attack, which may allow an attacker to read arbitrary files from the file system.

CWE-232021

CVE-2022-42892

MEDIUM

CVSS:5.3(Medium)

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that coul...

CWE-232022

CVE-2024-24938

MEDIUM

CVSS:5.3(Medium)

In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation

CWE-232024

CVE-2024-24942

MEDIUM

CVSS:5.3(Medium)

In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives

CWE-232024