PT-2017-9629 · Moxa · Moxa Iologik E1242+16

Published

2017-02-13

·

Updated

2021-05-19

·

CVE-2016-8350

CVSS v2.0

6.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Moxa ioLogik E1210 versions V2.4 and prior Moxa ioLogik E1211 versions V2.3 and prior Moxa ioLogik E1212 versions V2.4 and prior Moxa ioLogik E1213 versions V2.5 and prior Moxa ioLogik E1214 versions V2.4 and prior Moxa ioLogik E1240 versions V2.3 and prior Moxa ioLogik E1241 versions V2.4 and prior Moxa ioLogik E1242 versions V2.4 and prior Moxa ioLogik E1260 versions V2.4 and prior Moxa ioLogik E1262 versions V2.4 and prior Moxa ioLogik E2210 versions prior to V3.13 Moxa ioLogik E2212 versions prior to V3.14 Moxa ioLogik E2214 versions prior to V3.12 Moxa ioLogik E2240 versions prior to V3.12 Moxa ioLogik E2242 versions prior to V3.12 Moxa ioLogik E2260 versions prior to V3.13 Moxa ioLogik E2262 versions prior to V3.12
Description The web application may not sufficiently verify whether a request was provided by a valid user. This issue is related to CROSS-SITE REQUEST FORGERY.
Recommendations For Moxa ioLogik E1210 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1211 versions V2.3 and prior, update to a version later than V2.3. For Moxa ioLogik E1212 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1213 versions V2.5 and prior, update to a version later than V2.5. For Moxa ioLogik E1214 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1240 versions V2.3 and prior, update to a version later than V2.3. For Moxa ioLogik E1241 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1242 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1260 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E1262 versions V2.4 and prior, update to a version later than V2.4. For Moxa ioLogik E2210 versions prior to V3.13, update to V3.13 or later. For Moxa ioLogik E2212 versions prior to V3.14, update to V3.14 or later. For Moxa ioLogik E2214 versions prior to V3.12, update to V3.12 or later. For Moxa ioLogik E2240 versions prior to V3.12, update to V3.12 or later. For Moxa ioLogik E2242 versions prior to V3.12, update to V3.12 or later. For Moxa ioLogik E2260 versions prior to V3.13, update to V3.13 or later. For Moxa ioLogik E2262 versions prior to V3.12, update to V3.12 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2016-8350

Affected Products

Moxa Iologik E1210
Moxa Iologik E1211
Moxa Iologik E1212
Moxa Iologik E1213
Moxa Iologik E1214
Moxa Iologik E1240
Moxa Iologik E1241
Moxa Iologik E1242
Moxa Iologik E1260
Moxa Iologik E1262
Moxa Iologik E2210
Moxa Iologik E2212
Moxa Iologik E2214
Moxa Iologik E2240
Moxa Iologik E2242
Moxa Iologik E2260
Moxa Iologik E2262