Mitsubishi Electric QJ71E71-100 Firmware

CPE Details

Mitsubishi Electric QJ71E71-100 Firmware
mitsubishielectric
qj71e71-100_firmware
-
2021-05-11
13h00 +00:00
2021-05-12
16h04 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:mitsubishielectric:qj71e71-100_firmware:-:*:*:*:*:*:*:*

Informations

Vendor

mitsubishielectric

Product

qj71e71-100_firmware

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-16226 2020-10-05 17h19 +00:00 Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious actor, which may allow an attacker to remotely execute arbitrary commands.
9.8
Critique
CVE-2019-10977 2019-05-23 11h28 +00:00 In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 serial number 20121 and prior, an attacker could send crafted TCP packets against the FTP service, forcing the target devices to enter an error mode and cause a denial-of-service condition.
7.5
Haute
CVE-2016-8368 2017-02-13 20h00 +00:00 An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, which may allow a remote attacker to connect to the PLC via Port 5002/TCP and cause a denial of service, requiring the PLC to be reset to resume operation. This is caused by an Unrestricted Externally Accessible Lock.
8.6
Haute
CVE-2016-8370 2017-02-13 20h00 +00:00 An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC.
7.5
Haute
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.