{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf"}, {"tags": ["x_refsource_MISC"], "url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1"}, {"name": "51605", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51605"}, {"tags": ["x_refsource_MISC"], "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf"}, {"name": "47723", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47723"}, {"name": "schneider-modicon-backdoor(72587)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587"}, {"tags": ["x_refsource_MISC"], "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-4859", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf", "refsource": "MISC", "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf"}, {"name": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1", "refsource": "MISC", "url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1"}, {"name": "51605", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51605"}, {"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf", "refsource": "MISC", "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf"}, {"name": "47723", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47723"}, {"name": "schneider-modicon-backdoor(72587)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587"}, {"name": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf", "refsource": "MISC", "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:16:35.051Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1"}, {"name": "51605", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/51605"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf"}, {"name": "47723", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47723"}, {"name": "schneider-modicon-backdoor(72587)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-4859", "datePublished": "2011-12-17T11:00:00", "dateReserved": "2011-12-16T00:00:00", "dateUpdated": "2024-08-07T00:16:35.051Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65150:*:*:*:*:*:*:*:*", "matchCriteriaId": "F46FD25F-6A66-4A01-94B6-B2C7B4A1161F", "versionEndIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65160:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4B260E8-8CAB-43D6-B7EB-1A47085B3301", "versionEndIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65260:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7407DDC-F4BC-48FB-9B0B-4BED21B82FAE", "versionEndIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E2B9B12-772E-45B0-B696-9487C5EC9669", "versionEndIncluding": "3.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:*", "matchCriteriaId": "84E9206F-0AED-4C42-849E-F8741C070234", "versionEndIncluding": "3.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77101:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6272D36-A9E3-4210-8998-19D65323E085", "versionEndIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77111:*:*:*:*:*:*:*:*", "matchCriteriaId": "0780C449-C9A7-4D83-9090-C48EB308F69F", "versionEndIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety4103:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D5CFADB-BD77-45B2-83F6-791ECB6DCEC1", "versionEndIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety5103:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD0DA2C8-81BE-4006-B6A2-DE2B20F85771", "versionEndIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp57163m:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1F32575-37AC-4F55-904F-68AED57F8B63", "versionEndIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp572634m:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B88C30B-8748-42AA-8765-2EC8ADAD4B54", "versionEndIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp573634m:*:*:*:*:*:*:*:*", "matchCriteriaId": "985B9868-9D59-4902-B825-387BF1F8A8A6", "versionEndIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp574634m:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DD89F76-4EB6-41D2-8646-602C13166C35", "versionEndIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp575634m:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9CCBD5A-7E9F-4204-95CB-C1C00B3B4BFF", "versionEndIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp576634m:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EDB245F-2BAF-4EA1-B6EC-E9F54C8AB4AD", "versionEndIncluding": "3.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0100:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C1A71AC-5951-40E0-900F-E3E29AD0C791", "versionEndIncluding": "2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0110:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7D8CC15-CFC3-4BFF-9BC0-4059FD7DCDE6", "versionEndIncluding": "4.65", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342020:*:*:*:*:*:*:*:*", "matchCriteriaId": "76A49B2B-1353-46BF-8A03-2CD5701A1465", "versionEndIncluding": "2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342030:*:*:*:*:*:*:*:*", "matchCriteriaId": "130C136E-5762-4C25-8F66-85CC323FB04F", "versionEndIncluding": "2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnic2212:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4EC1C87-FF50-4442-B096-6EBB70A679A9", "versionEndIncluding": "2.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2212:*:*:*:*:*:*:*:*", "matchCriteriaId": "76A596AB-117A-471A-8DE2-F0271370EAE5", "versionEndIncluding": "2.73", "vulnerable": true}, {"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2311:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FDE9605-55A2-4B8C-B1F3-880E98328C55", "versionEndIncluding": "3.01", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port."}, {"lang": "es", "value": "El m\u00f3dulo Schneider Electric Quantum Ethernet, tal como se utiliza en los m\u00f3dulos Quantum 140NOE771* y 140CPU65*, los m\u00f3dulos Premium TSXETY* y TSXP57*, los m\u00f3dulos M340 BMXNOE01* y BMXP3420*, y los m\u00f3dulos STB DIO STBNIC2212 y STBNIP2*, utiliza contrase\u00f1as est\u00e1ticas para las cuentas (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, y (16) webserver, lo que facilita a atacantes remotos obtener acceso a trav\u00e9s de (a) TELNET, (b) Windriver Debug, o (c) el puerto FTP."}], "id": "CVE-2011-4859", "lastModified": "2017-08-29T01:30:36.817", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-12-17T11:55:11.917", "references": [{"source": "cve@mitre.org", "url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/47723"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/51605"}, {"source": "cve@mitre.org", "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf"}, {"source": "cve@mitre.org", "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf"}, {"source": "cve@mitre.org", "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}