7.5

CVE-2017-16715

EPSS 0.25%
Veröffentlicht 16.11.2017 21:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Moxa ≫ Nport 5110 Firmware Version2.2

Moxa ≫ Nport 5110 Version-

Moxa ≫ Nport 5110 Firmware Version2.4

Moxa ≫ Nport 5110 Version-

Moxa ≫ Nport 5110 Firmware Version2.6

Moxa ≫ Nport 5110 Version-

Moxa ≫ Nport 5110 Firmware Version2.7

Moxa ≫ Nport 5110 Version-

Moxa ≫ Nport 5130 Firmware Version <= 3.7

Moxa ≫ Nport 5130 Version-

Moxa ≫ Nport 5150 Firmware Version <= 3.7

Moxa ≫ Nport 5150 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.25%	0.477

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securityfocus.com/bid/101885

Third Party Advisory

VDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2017-16715

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-16715

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-16715

EUVD