Vulnerabilites related to moxa - iologik_2542-hspa
CVE-2019-18242 (GCVE-0-2019-18242)
Vulnerability from cvelistv5
Published
2020-03-24 16:53
Modified
2024-08-05 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-941 - INCORRECTLY SPECIFIED DESTINATION IN A COMMUNICATION CHANNEL
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
Version: Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-941",
"description": "INCORRECTLY SPECIFIED DESTINATION IN A COMMUNICATION CHANNEL CWE-941",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-24T16:53:32",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INCORRECTLY SPECIFIED DESTINATION IN A COMMUNICATION CHANNEL CWE-941"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18242",
"datePublished": "2020-03-24T16:53:32",
"dateReserved": "2019-10-22T00:00:00",
"dateUpdated": "2024-08-05T01:47:14.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18238 (GCVE-0-2019-18238)
Vulnerability from cvelistv5
Published
2020-02-26 21:19
Modified
2024-08-05 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-312 - CLEARTEXT STORAGE OF SENSITIVE INFORMATION
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
Version: Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-24T16:45:16",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18238",
"datePublished": "2020-02-26T21:19:56",
"dateReserved": "2019-10-22T00:00:00",
"dateUpdated": "2024-08-05T01:47:14.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7003 (GCVE-0-2020-7003)
Vulnerability from cvelistv5
Published
2020-03-24 17:02
Modified
2024-08-04 09:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-319 - CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
Version: Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:18:02.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-24T17:02:34",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-7003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik 2500 series firmware, Version 3.0 or lower, IOxpress configuration utility, Version 2.3.0 or lower"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-7003",
"datePublished": "2020-03-24T17:02:34",
"dateReserved": "2020-01-14T00:00:00",
"dateUpdated": "2024-08-04T09:18:02.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-03-24 17:15
Modified
2024-11-21 04:32
Severity ?
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1060F63B-42E8-4EE0-9A71-933080629E45",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC91E5AB-0CEE-4D58-83C4-EC3066F2D368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA38DDD-0A0A-42FB-8C43-A3E0D0267B6D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC9692C-08EC-4CDE-A69A-75C172130362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09259434-AE8D-463A-8A83-4466D24B4F8D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4FF9E8-D2A1-4EED-A56C-C5517775C3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11BEF8E5-BEB4-41CA-8DEC-B2448290238C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C968278D-D141-49ED-9973-C684CEDBD3BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E1C82C-2B14-4406-BF86-02D5E29EBE4B",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA01CE1-F638-42F4-8E59-4FC7F7C8AB1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0544A1EF-5846-454F-8692-7635F1F23467",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C808B157-E545-49C2-ACF8-9E460E3B8272",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B159DE1B-DE12-4F53-8B04-350978E808F6",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E88BEA2-2EDB-4945-B800-E167EF93D50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3339E6-27FD-43A9-A95A-A499A3AF24C7",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53A9D770-36C6-4F47-AA0B-D6A82306E303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B9F78B-884D-4775-8DC2-60C8A472BAD0",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B96F3BD8-26DB-4036-9AAA-8203390E72DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3991346-BA4F-4720-BD58-329E62BA983C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9A98AC-1F19-470B-BDE1-C1DB989D7D68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080CEAFC-E949-42BD-8C5B-279FAFAE1B46",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D7DF27-9153-4891-8430-CEDC84C82FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F209813-866A-473D-BF5D-76D90C01AF88",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489B9CFB-EDE6-4C4A-8D8F-3BB27F2598BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD426ED7-5CDB-4228-9A7C-3C14A3DC3593",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29EE1B92-C03D-424A-89CC-6EED8D24D114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A890802-63ED-4027-A664-56DF3584F3AF",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF1FF86-D4CF-40DC-8FD8-9CAA5388C28F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BACBC50-E4DF-4B5D-BD66-64D297EB3048",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A420EC0-2968-4F08-97D7-7F2086323711",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "890A531B-A992-4826-9227-936A1E0DCEA9",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBE2CB15-AAD1-44EC-AFE6-DBC2C7136680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9012C4A1-8113-4A57-BA8D-B1717E19B3F1",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "642573FB-B3C4-483B-9409-3E8FA76299E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A55D113-D470-42D4-9F36-7CC6B9C2223A",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C69DDE3-DC55-4B8E-86A0-B32CB34FBA6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE2CCBD-F429-4652-96B4-959E0E52BCAB",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7B33B9-7F5D-4B92-911B-CC52106AA682",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E188482-724C-482A-89DB-AF0FA6253139",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4B1667-CB60-4938-8A23-FF856FB2CD8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, frequent and multiple requests for short-term use may cause the web server to fail."
},
{
"lang": "es",
"value": "En Moxa la serie ioLogik 2500 firmware, Versi\u00f3n 3.0 o por debajo, y la utilidad de configuraci\u00f3n IOxpress, Versi\u00f3n 2.3.0 o por debajo, las peticiones frecuentes y m\u00faltiples de uso a corto plazo pueden causar que el servidor web presente un fallo."
}
],
"id": "CVE-2019-18242",
"lastModified": "2024-11-21T04:32:54.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-24T17:15:11.110",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-941"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-26 22:15
Modified
2024-11-21 04:32
Severity ?
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1060F63B-42E8-4EE0-9A71-933080629E45",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC91E5AB-0CEE-4D58-83C4-EC3066F2D368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA38DDD-0A0A-42FB-8C43-A3E0D0267B6D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC9692C-08EC-4CDE-A69A-75C172130362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09259434-AE8D-463A-8A83-4466D24B4F8D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4FF9E8-D2A1-4EED-A56C-C5517775C3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11BEF8E5-BEB4-41CA-8DEC-B2448290238C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C968278D-D141-49ED-9973-C684CEDBD3BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E1C82C-2B14-4406-BF86-02D5E29EBE4B",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA01CE1-F638-42F4-8E59-4FC7F7C8AB1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0544A1EF-5846-454F-8692-7635F1F23467",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C808B157-E545-49C2-ACF8-9E460E3B8272",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B159DE1B-DE12-4F53-8B04-350978E808F6",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E88BEA2-2EDB-4945-B800-E167EF93D50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3339E6-27FD-43A9-A95A-A499A3AF24C7",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53A9D770-36C6-4F47-AA0B-D6A82306E303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B9F78B-884D-4775-8DC2-60C8A472BAD0",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B96F3BD8-26DB-4036-9AAA-8203390E72DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3991346-BA4F-4720-BD58-329E62BA983C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9A98AC-1F19-470B-BDE1-C1DB989D7D68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080CEAFC-E949-42BD-8C5B-279FAFAE1B46",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D7DF27-9153-4891-8430-CEDC84C82FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F209813-866A-473D-BF5D-76D90C01AF88",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489B9CFB-EDE6-4C4A-8D8F-3BB27F2598BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD426ED7-5CDB-4228-9A7C-3C14A3DC3593",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29EE1B92-C03D-424A-89CC-6EED8D24D114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A890802-63ED-4027-A664-56DF3584F3AF",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF1FF86-D4CF-40DC-8FD8-9CAA5388C28F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BACBC50-E4DF-4B5D-BD66-64D297EB3048",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A420EC0-2968-4F08-97D7-7F2086323711",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "890A531B-A992-4826-9227-936A1E0DCEA9",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBE2CB15-AAD1-44EC-AFE6-DBC2C7136680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9012C4A1-8113-4A57-BA8D-B1717E19B3F1",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "642573FB-B3C4-483B-9409-3E8FA76299E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A55D113-D470-42D4-9F36-7CC6B9C2223A",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C69DDE3-DC55-4B8E-86A0-B32CB34FBA6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE2CCBD-F429-4652-96B4-959E0E52BCAB",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7B33B9-7F5D-4B92-911B-CC52106AA682",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E188482-724C-482A-89DB-AF0FA6253139",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4B1667-CB60-4938-8A23-FF856FB2CD8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account."
},
{
"lang": "es",
"value": "En el firmware Moxa ioLogik 2500 series, Versi\u00f3n 3.0 o inferior, y la utilidad de configuraci\u00f3n IOxpress, Versi\u00f3n 2.3.0 o inferior, la informaci\u00f3n confidencial es almacenada en archivos de configuraci\u00f3n sin cifrado, lo que puede permitir a un atacante acceder a una cuenta administrativa."
}
],
"id": "CVE-2019-18238",
"lastModified": "2024-11-21T04:32:53.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-26T22:15:11.390",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-24 18:15
Modified
2024-11-21 05:36
Severity ?
Summary
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-20-056-02 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1060F63B-42E8-4EE0-9A71-933080629E45",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC91E5AB-0CEE-4D58-83C4-EC3066F2D368",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA38DDD-0A0A-42FB-8C43-A3E0D0267B6D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC9692C-08EC-4CDE-A69A-75C172130362",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09259434-AE8D-463A-8A83-4466D24B4F8D",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4FF9E8-D2A1-4EED-A56C-C5517775C3CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11BEF8E5-BEB4-41CA-8DEC-B2448290238C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C968278D-D141-49ED-9973-C684CEDBD3BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50E1C82C-2B14-4406-BF86-02D5E29EBE4B",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA01CE1-F638-42F4-8E59-4FC7F7C8AB1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0544A1EF-5846-454F-8692-7635F1F23467",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C808B157-E545-49C2-ACF8-9E460E3B8272",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B159DE1B-DE12-4F53-8B04-350978E808F6",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E88BEA2-2EDB-4945-B800-E167EF93D50E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3339E6-27FD-43A9-A95A-A499A3AF24C7",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53A9D770-36C6-4F47-AA0B-D6A82306E303",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94B9F78B-884D-4775-8DC2-60C8A472BAD0",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B96F3BD8-26DB-4036-9AAA-8203390E72DF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2512-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3991346-BA4F-4720-BD58-329E62BA983C",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2512-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9A98AC-1F19-470B-BDE1-C1DB989D7D68",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "080CEAFC-E949-42BD-8C5B-279FAFAE1B46",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D7DF27-9153-4891-8430-CEDC84C82FD5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F209813-866A-473D-BF5D-76D90C01AF88",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "489B9CFB-EDE6-4C4A-8D8F-3BB27F2598BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD426ED7-5CDB-4228-9A7C-3C14A3DC3593",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29EE1B92-C03D-424A-89CC-6EED8D24D114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-hspa-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A890802-63ED-4027-A664-56DF3584F3AF",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-hspa-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF1FF86-D4CF-40DC-8FD8-9CAA5388C28F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BACBC50-E4DF-4B5D-BD66-64D297EB3048",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A420EC0-2968-4F08-97D7-7F2086323711",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-eu-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "890A531B-A992-4826-9227-936A1E0DCEA9",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-eu-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBE2CB15-AAD1-44EC-AFE6-DBC2C7136680",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9012C4A1-8113-4A57-BA8D-B1717E19B3F1",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us:-:*:*:*:*:*:*:*",
"matchCriteriaId": "642573FB-B3C4-483B-9409-3E8FA76299E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-us-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A55D113-D470-42D4-9F36-7CC6B9C2223A",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-us-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C69DDE3-DC55-4B8E-86A0-B32CB34FBA6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE2CCBD-F429-4652-96B4-959E0E52BCAB",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7B33B9-7F5D-4B92-911B-CC52106AA682",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_2542-wl1-jp-t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E188482-724C-482A-89DB-AF0FA6253139",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_2542-wl1-jp-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4B1667-CB60-4938-8A23-FF856FB2CD8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text."
},
{
"lang": "es",
"value": "En Moxa la serie ioLogik 2500 firmware, Versi\u00f3n 3.0 o inferior, y la utilidad de configuraci\u00f3n IOxpress, Versi\u00f3n 2.3.0 o inferior, la informaci\u00f3n confidencial es transmitida por medio de algunas aplicaciones web en texto claro."
}
],
"id": "CVE-2020-7003",
"lastModified": "2024-11-21T05:36:28.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-24T18:15:18.590",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}