Описание
Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.17 (включая)Версия до 3.11 (включая)
Одновременно
Одно из
cpe:2.3:o:moxa:ioadmin_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:iologik_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:moxa:iologik_e2210:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2210-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2212:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2212-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2214:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2214-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2240:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2240-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2242:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2242-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2260:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2260-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2262:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e2262-t:-:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00442
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.
EPSS
Процентиль: 63%
0.00442
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-255