CVE-2019-5106
N/A
N/A
Summary
A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Wago | WAGO e!Cockpit | 1.5.1.1 | affected |
Weaknesses
- Use of a Broken or Risky Cryptographic Algorithm
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.