Lucene search

MoxaCVE-2023-39981

HistorySep 02, 2023 - 1:15 p.m.

CVE-2023-39981

2023-09-0213:15:45

CWE-287

Moxa

web.nvd.nist.gov

cve-2023-39981

vulnerability

unauthorized access

mxsecurity

authentication

disclosure

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

58.0%

JSON

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.

Affected configurations

Nvd

Node

moxamxsecurityRange≤1.0.1

VendorProductVersionCPE
moxamxsecurity*cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moxa	mxsecurity	*	cpe:2.3:a:moxa:mxsecurity::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MXsecurity Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.0.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

58.0%

JSON

Related for CVE-2023-39981