PT-2016-6689 · Moxa · Mgate Mb3180+4
Maxim Rupp
·
Publicado
2016-07-15
·
Atualizado
2021-07-16
·
CVE-2016-5804
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Moxa MGate MB3180 versions 1.8 and earlier
Moxa MGate MB3280 versions 2.7 and earlier
Moxa MGate MB3480 versions 2.6 and earlier
Moxa MGate MB3170 versions 2.5 and earlier
Moxa MGate MB3270 versions 2.7 and earlier
Description
The issue allows remote attackers to bypass authentication via a brute-force series of guesses for a
parameter value. This is due to the use of weak encryption.Recommendations
For Moxa MGate MB3180 version 1.8 and earlier, update to version 1.8 or later.
For Moxa MGate MB3280 version 2.7 and earlier, update to version 2.7 or later.
For Moxa MGate MB3480 version 2.6 and earlier, update to version 2.6 or later.
For Moxa MGate MB3170 version 2.5 and earlier, update to version 2.5 or later.
For Moxa MGate MB3270 version 2.7 and earlier, update to version 2.7 or later.
Correção
Inadequate Encryption Strength
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mgate Mb3170
Mgate Mb3180
Mgate Mb3270
Mgate Mb3280
Mgate Mb3480