Lucene search
IcscertCVELIST:CVE-2020-25190HistoryDec 23, 2020 - 2:07 p.m.
CVE-2020-25190 MOXA NPort IAW5000A-I/O Series
2020-12-2314:07:56
CWE-319
icscert
www.cve.org
4
moxa nport
iaw5000a-i/o
cleartext
credentials
third-party services
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.6%
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext.
CNA Affected
[
{
"product": "NPort IAW5000A-I/O",
"vendor": "MOXA",
"versions": [
{
"lessThanOrEqual": "Version 2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nessus
nessus
prion
prion
Code injection
2020-12-23 15:15:00
cve
cve
CVE-2020-25190
2020-12-23 15:15:15
nvd
nvd
CVE-2020-25190
2020-12-23 15:15:15
ics
ics
MOXA NPort IAW5000A-I/O Series
2020-10-13 12:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.6%
Related for CVELIST:CVE-2020-25190