Lucene search

MitreCVELIST:CVE-2019-9102

HistoryMar 11, 2020 - 2:27 p.m.

CVE-2019-9102

2020-03-1114:27:58

mitre

www.cve.org

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

8.9 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism.

References

www.moxa.com/en/support/support/security-advisory/mb3710-3180-3270-3280-3480-3660-vulnerabilities

www.us-cert.gov/ics/advisories/icsa-20-056-01

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

8.9 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for CVELIST:CVE-2019-9102