{"vulnerability": "cve-2018-1399", "sightings": [{"uuid": "776eef3f-3809-41dc-a417-54fd56463f0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13992", "type": "seen", "source": "https://t.me/cibsecurity/4162", "content": "ATENTION\u203c New - CVE-2018-13992\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-07T22:28:15.000000Z"}, {"uuid": "d95a0519-0e30-4e8b-b7d9-713d10f8ea47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13991", "type": "seen", "source": "https://t.me/cibsecurity/4163", "content": "ATENTION\u203c New - CVE-2018-13991\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-07T22:28:19.000000Z"}, {"uuid": "9b2a8e62-601f-42fe-a7ef-a1f27b1ab6ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13994", "type": "seen", "source": "https://t.me/cibsecurity/4160", "content": "ATENTION\u203c New - CVE-2018-13994\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-07T22:28:13.000000Z"}, {"uuid": "f6427db7-423f-4a10-b801-95dc2a147da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13993", "type": "seen", "source": "https://t.me/cibsecurity/4161", "content": "ATENTION\u203c New - CVE-2018-13993\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-07T22:28:14.000000Z"}, {"uuid": "4df397d1-cd4f-4821-ba19-d4d3fbc85f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13990", "type": "seen", "source": "https://t.me/cibsecurity/4122", "content": "ATENTION\u203c New - CVE-2018-13990\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-06T22:33:20.000000Z"}, {"uuid": "06ce2b4f-7bb8-41f0-bf6a-7e63e78d178f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-13990", "type": "seen", "source": "https://t.me/cibsecurity/4124", "content": "ATENTION\u203c New - CVE-2018-13990\n\nThe WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-05-06T22:48:06.000000Z"}]}