CVE-2019-6531 — HIGH (8.1) — White Hats Nepal

Q: How severe is CVE-2019-6531?

CVE-2019-6531 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-6531?

Check the references section above for vendor advisories and patch information. Affected products include: Kunbus Pr100088 Modbus Gateway Firmware, Kunbus Pr100088 Modbus Gateway.

Vulnerability Description

An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM position.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Kunbus	Pr100088 Modbus Gateway Firmware	< 1.1.13166
Kunbus	Pr100088 Modbus Gateway	-

Related Weaknesses (CWE)

CWE-598

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05Third Party AdvisoryUS Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05Third Party AdvisoryUS Government Resource

FAQ

What is CVE-2019-6531?

CVE-2019-6531 is a vulnerability with a CVSS score of 8.1 (HIGH). An attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM positio...

How severe is CVE-2019-6531?

CVE-2019-6531 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-6531?

Check the references section above for vendor advisories and patch information. Affected products include: Kunbus Pr100088 Modbus Gateway Firmware, Kunbus Pr100088 Modbus Gateway.