Lucene search

[email protected]NVD:CVE-2022-27048

HistoryApr 15, 2022 - 7:15 p.m.

CVE-2022-27048

2022-04-1519:15:15

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

49.0%

JSON

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.

Affected configurations

NVD

Node

moxamgate_mb3170i_firmwareRange≤4.2

AND

moxamgate_mb3170iMatch-

Node

moxamgate_mb3170i-t_firmwareRange≤4.2

AND

moxamgate_mb3170i-tMatch-

Node

moxamgate_mb3170-m-st_firmwareRange≤4.2

AND

moxamgate_mb3170-m-stMatch-

Node

moxamgate_mb3170-m-sc-t_firmwareRange≤4.2

AND

moxamgate_mb3170-m-sc-tMatch-

Node

moxamgate_mb3170_firmwareRange≤4.2

AND

moxamgate_mb3170Match-

Node

moxamgate_mb3170-t_firmwareRange≤4.2

AND

moxamgate_mb3170-tMatch-

Node

moxamgate_mb3170-m-sc_firmwareRange≤4.2

AND

moxamgate_mb3170-m-scMatch-

Node

moxamgate_mb3170i-s-sc_firmwareRange≤4.2

AND

moxamgate_mb3170i-s-scMatch-

Node

moxamgate_mb3270i_firmwareRange≤4.2

AND

moxamgate_mb3270iMatch-

Node

moxamgate_mb3270i-t_firmwareRange≤4.2

AND

moxamgate_mb3270i-tMatch-

Node

moxamgate_mb3170i-m-sc_firmwareRange≤4.2

AND

moxamgate_mb3170i-m-scMatch-

Node

moxamgate_mb3170-s-sc-t_firmwareRange≤4.2

AND

moxamgate_mb3170-s-sc-tMatch-

Node

moxamgate_mb3170i-m-sc-t_firmwareRange≤4.2

AND

moxamgate_mb3170i-m-sc-tMatch-

Node

moxamgate_mb3270_firmwareRange≤4.2

AND

moxamgate_mb3270Match-

Node

moxamgate_mb3270-t_firmwareRange≤4.2

AND

moxamgate_mb3270-tMatch-

Node

moxamgate_mb3170-s-sc_firmwareRange≤4.2

AND

moxamgate_mb3170-s-scMatch-

Node

moxamgate_mb3170-m-st-t_firmwareRange≤4.2

AND

moxamgate_mb3170-m-st-tMatch-

Node

moxamgate_mb3170i-s-sc-t_firmwareRange≤4.2

AND

moxamgate_mb3170i-s-sc-tMatch-

Node

moxamgate_mb3280_firmwareRange≤4.1

AND

moxamgate_mb3280Match-

Node

moxamgate_mb3480_firmwareRange≤3.2

AND

moxamgate_mb3480Match-

References

www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

49.0%

JSON

Related for NVD:CVE-2022-27048

nessus1 prion1 cve1 cvelist1