A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published: 2020-03-10T23:41:32

Updated: 2024-08-04T19:47:55.965Z

Reserved: 2019-01-04T00:00:00

Link: CVE-2019-5106

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-03-11T22:27:39.537

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-5106

cve-icon Redhat

No data.