CVE-2019-19107

Summary

The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).

Affected Software

VendorProductVersion RangeStatus
ABBTG/S 3.2 Telephone Gateway2CDG 110 135 R0011affected
Busch-Jaeger6186/11 Telefon-Gateway2CKA006136A0187affected

Weaknesses

  • CWE-264: CWE-264 Permissions, Privileges, and Access Controls

ADP Enrichment

CVE Program Container

Additional References

References