1. Home
  2. CVE Database
  3. CVE-2019-6853
MEDIUM · 6.1

CVE-2019-6853

A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful C...

Vulnerability Description

A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
Schneider-ElectricAndover Continuum 9680 Firmware-
Schneider-ElectricAndover Continuum 9680-
Schneider-ElectricAndover Continuum 5740 Firmware-
Schneider-ElectricAndover Continuum 5740-
Schneider-ElectricAndover Continuum 5720 Firmware-
Schneider-ElectricAndover Continuum 5720-
Schneider-ElectricAndover Continuum Bcx4040 Firmware-
Schneider-ElectricAndover Continuum Bcx4040-
Schneider-ElectricAndover Continuum Bcx9640 Firmware-
Schneider-ElectricAndover Continuum Bcx9640-
Schneider-ElectricAndover Continuum 9900 Firmware-
Schneider-ElectricAndover Continuum 9900-
Schneider-ElectricAndover Continuum 9940 Firmware-
Schneider-ElectricAndover Continuum 9940-
Schneider-ElectricAndover Continuum 9941 Firmware-
Schneider-ElectricAndover Continuum 9941-
Schneider-ElectricAndover Continuum 9924 Firmware-
Schneider-ElectricAndover Continuum 9924-
Schneider-ElectricAndover Continuum 9702 Firmware-
Schneider-ElectricAndover Continuum 9702-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2019-6853?

CVE-2019-6853 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful C...

How severe is CVE-2019-6853?

CVE-2019-6853 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-6853?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Andover Continuum 9680 Firmware, Schneider-Electric Andover Continuum 9680, Schneider-Electric Andover Continuum 5740 Firmware, Schneider-Electric Andover Continuum 5740, Schneider-Electric Andover Continuum 5720 Firmware.