ID

VAR-202103-0078


CVE

CVE-2019-18231


TITLE

Advantech Spectre RT ERT351  Vulnerability in plaintext transmission of important information in

Trust: 0.8

sources: JVNDB: JVNDB-2019-016219

DESCRIPTION

Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request. Advantech Spectre RT ERT351 Contains a vulnerability in the transmission of important information in clear text.Information may be obtained. Advantech Spectre RT ERT351 is a router of American Advantech company that provides network routing function

Trust: 2.25

sources: NVD: CVE-2019-18231 // JVNDB: JVNDB-2019-016219 // CNVD: CNVD-2021-28789 // VULMON: CVE-2019-18231

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-28789

AFFECTED PRODUCTS

vendor:advantechmodel:spectre rt ert351scope:lteversion:5.1.3

Trust: 1.0

vendor:アドバンテック株式会社model:spectre rt ert351scope:lteversion:spectre rt ert351 firmware 5.1.3 and earlier

Trust: 0.8

vendor:アドバンテック株式会社model:spectre rt ert351scope:eqversion: -

Trust: 0.8

vendor:アドバンテック株式会社model:spectre rt ert351scope: - version: -

Trust: 0.8

vendor:advantechmodel:spectre rt ert351scope:lteversion:<=5.1.3

Trust: 0.6

sources: CNVD: CNVD-2021-28789 // JVNDB: JVNDB-2019-016219 // NVD: CVE-2019-18231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-18231
value: HIGH

Trust: 1.0

NVD: CVE-2019-18231
value: HIGH

Trust: 0.8

CNVD: CNVD-2021-28789
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202102-1545
value: HIGH

Trust: 0.6

VULMON: CVE-2019-18231
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-18231
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-28789
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2019-18231
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-18231
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2021-28789 // VULMON: CVE-2019-18231 // JVNDB: JVNDB-2019-016219 // CNNVD: CNNVD-202102-1545 // NVD: CVE-2019-18231

PROBLEMTYPE DATA

problemtype:CWE-319

Trust: 1.0

problemtype:Sending important information in clear text (CWE-319) [ Other ]

Trust: 0.8

sources: JVNDB: JVNDB-2019-016219 // NVD: CVE-2019-18231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-1545

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-1545

PATCH

title:SA-2021-01-01url:https://icr.advantech.cz/support/router-models/download/511/sa-2021-01-fw-5.1.3-and-older-en.pdf

Trust: 0.8

title:Patch for Advantech Spectre RT ERT351 password clear text transmission vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/258971

Trust: 0.6

title:Advantech Spectre RT ERT351 firmware Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142895

Trust: 0.6

sources: CNVD: CNVD-2021-28789 // JVNDB: JVNDB-2019-016219 // CNNVD: CNNVD-202102-1545

EXTERNAL IDS

db:NVDid:CVE-2019-18231

Trust: 3.1

db:ICS CERTid:ICSA-21-054-03

Trust: 3.1

db:JVNid:JVNVU98128183

Trust: 0.8

db:JVNDBid:JVNDB-2019-016219

Trust: 0.8

db:CNVDid:CNVD-2021-28789

Trust: 0.6

db:AUSCERTid:ESB-2021.0680

Trust: 0.6

db:CNNVDid:CNNVD-202102-1545

Trust: 0.6

db:VULMONid:CVE-2019-18231

Trust: 0.1

sources: CNVD: CNVD-2021-28789 // VULMON: CVE-2019-18231 // JVNDB: JVNDB-2019-016219 // CNNVD: CNNVD-202102-1545 // NVD: CVE-2019-18231

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03

Trust: 3.7

url:https://ep.advantech-bb.cz/support/router-models/download/511/sa-2021-01-fw-5.1.3-and-older-en.pdf

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-18231

Trust: 1.4

url:https://jvn.jp/vu/jvnvu98128183/

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2021.0680

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/319.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/197341

Trust: 0.1

sources: CNVD: CNVD-2021-28789 // VULMON: CVE-2019-18231 // JVNDB: JVNDB-2019-016219 // CNNVD: CNNVD-202102-1545 // NVD: CVE-2019-18231

SOURCES

db:CNVDid:CNVD-2021-28789
db:VULMONid:CVE-2019-18231
db:JVNDBid:JVNDB-2019-016219
db:CNNVDid:CNNVD-202102-1545
db:NVDid:CVE-2019-18231

LAST UPDATE DATE

2024-08-14T13:17:54.840000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2021-28789date:2021-04-16T00:00:00
db:VULMONid:CVE-2019-18231date:2021-03-23T00:00:00
db:JVNDBid:JVNDB-2019-016219date:2021-11-24T07:40:00
db:CNNVDid:CNNVD-202102-1545date:2021-03-24T00:00:00
db:NVDid:CVE-2019-18231date:2021-03-23T19:16:48.350

SOURCES RELEASE DATE

db:CNVDid:CNVD-2021-28789date:2021-04-16T00:00:00
db:VULMONid:CVE-2019-18231date:2021-03-17T00:00:00
db:JVNDBid:JVNDB-2019-016219date:2021-11-24T00:00:00
db:CNNVDid:CNNVD-202102-1545date:2021-02-23T00:00:00
db:NVDid:CVE-2019-18231date:2021-03-17T19:15:11.727