CVE-2019-6855

HIGH Year: 2019
CVSS v3 Score
7.3
High
CVSS v2 Score
7.5
High
Weakness Type
CWE-863
View all →

Vulnerability Description

Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers.

Related Vulnerabilities

CVE-2020-4877

HIGH
CVSS:7.3(High)

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized modifications by using public fields in public classes. IBM X-Force ID: 190843.

CWE-8632020

CVE-2021-0319

HIGH
CVSS:7.3(High)

In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This...

CWE-8632021

CVE-2023-5521

HIGH
CVSS:7.3(High)

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9.

CWE-8632023

CVE-2024-13291

HIGH
CVSS:7.3(High)

Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful Browsing.This issue affects Basic HTTP Authentication: from 7.X-1.0 before 7.X-1.4.

CWE-8632024

CVE-2024-3957

HIGH
CVSS:7.3(High)

The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary sh...

CWE-8632024