PT-2016-5098 · Moxa · Miineport E2 1242+4
Karn Ganeshen
·
Published
2016-05-31
·
Updated
2016-11-30
·
CVE-2016-2295
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714
Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714
Moxa MiiNePort E2 1242 version 1.1 Build 10080614
Moxa MiiNePort E2 4561 version 1.1 Build 10080614
Moxa MiiNePort E3 version 1.0 Build 11071409
Description
The issue allows remote attackers to obtain sensitive cleartext information by reading a configuration file.
Recommendations
For Moxa MiiNePort E1 4641 version 1.1.10 Build 09120714, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E1 7080 version 1.1.10 Build 09120714, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E2 1242 version 1.1 Build 10080614, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E2 4561 version 1.1 Build 10080614, restrict access to the configuration file to minimize the risk of exploitation.
For Moxa MiiNePort E3 version 1.0 Build 11071409, restrict access to the configuration file to minimize the risk of exploitation.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Miineport E3
Miineport E1 4641
Miineport E1 7080
Miineport E2 1242
Miineport E2 4561