PT-2016-5098 · Moxa · Miineport E2 1242+4
Karn Ganeshen
·
Publicado
2016-05-31
·
Atualizado
2016-11-30
·
CVE-2016-2295
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714
Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714
Moxa MiiNePort E2 1242 version 1.1 Build 10080614
Moxa MiiNePort E2 4561 version 1.1 Build 10080614
Moxa MiiNePort E3 version 1.0 Build 11071409
Description
The issue allows remote attackers to obtain sensitive cleartext information by reading a configuration file.
Recommendations
For Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E2 1242 version 1.1 Build 10080614, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E2 4561 version 1.1 Build 10080614, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E3 version 1.0 Build 11071409, restrict access to the configuration file to minimize the risk of exploitation.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Miineport E3
Miineport E1 4641
Miineport E1 7080
Miineport E2 1242
Miineport E2 4561