A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2020-12-11T00:52:09

Updated: 2024-08-04T09:33:19.936Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7541

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-11T01:15:12.457

Modified: 2024-11-21T05:37:20.717

Link: CVE-2020-7541

cve-icon Redhat

No data.