CWE-319: Cleartext Transmission of Sensitive Information in Modicon M580, M340, BMxCRA, and 140CRA Modules via FTP

CVE-2019-6846 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules (all firmware versions), which could cause information disclosure when using the FTP protocol.

Learn more about our Web Application Penetration Testing UK.