VDB
CVE-2018-13992
CVE-2018-13992
PUBLISHED
CVSS 8.199999809265137 HIGH
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.
EPSS 0.14% · 34.7th percentile
Risk Scores
CVSS 3.0
8.199999809265137
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:L/PR:N/S:U/UI:N
EPSS Score
0.14%
34.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| phoenixcontact | fl_switch_3016t_firmware | 1.0 |
| phoenixcontact | fl_switch_3016_firmware | 1.0 |
| phoenixcontact | fl_switch_4808e-16fx_st-4gc_firmware | 1.0 |
| phoenixcontact | fl_switch_4808e-16fx_lc-4gc_firmware | 1.0 |
| phoenixcontact | fl_switch_3006t-2fx_firmware | 1.0 |
| phoenixcontact | fl_switch_4800e-24fx-4gc_firmware | 1.0 |
| phoenixcontact | fl_switch_4000t-8poe-2sfp-r_firmware | 1.0 |
| phoenixcontact | fl_switch_4012t_2gt_2fx_firmware | 1.0 |
| phoenixcontact | fl_switch_4800e-24fx_sm-4gc_firmware | 1.0 |
| n/a | n/a | * |
| phoenixcontact | fl_switch_3012e-2sfx_firmware | 1.0 |
| phoenixcontact | fl_switch_3005_firmware | 1.0 |
| phoenixcontact | fl_switch_4008t-2gt-3fx_sm_firmware | 1.0 |
| phoenixcontact | fl_switch_3012e-2fx_sm_firmware | 1.0 |
| phoenixcontact | fl_switch_3004t-fx_st_firmware | 1.0 |
| phoenixcontact | fl_switch_4008t-2gt-4fx_sm_firmware | 1.0 |
| phoenixcontact | fl_switch_4824e-4gc_firmware | 1.0 |
| phoenixcontact | fl_switch_3016e_firmware | 1.0 |
| phoenixcontact | fl_switch_4012t-2gt-2fx_st_firmware | 1.0 |
| phoenixcontact | fl_switch_3004t-fx_firmware | 1.0 |
…and 10 more
Exploit Intelligence
Timeline
- Jan 24, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score