CVE-2019-19107 MEDIUM

CVE-2019-19107: ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Information Exposure

Vendor Abb

Product TG/S 3.2 Telephone Gateway

Weakness CWE-264

Published April 22, 2020

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

6.2/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).

Key dates

02Disclosure timeline

April 22, 2020 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-19107

Related vulnerabilities

Identifiers

CVE CVE-2019-19107

CWE CWE-264

CVSS 6.2 / MEDIUM

Affected versions

Vendor Abb

Product TG/S 3.2 Telephone Gateway

Affected 2CDG 110 135 R0011

Vendor Busch-Jaeger

Product 6186/11 Telefon-Gateway

Affected 2CKA006136A0187

CVE-2019-19107: ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Information Exposure

01Description

02Disclosure timeline

03References

04Related CVE