CVE-2019-9095

EPSS 0.16%
Veröffentlicht 11.03.2020 15:15:16
Zuletzt bearbeitet 21.11.2024 04:50:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Moxa ≫ Mb3170 Firmware Version <= 4.0

Moxa ≫ Mb3170 Version-

Moxa ≫ Mb3270 Firmware Version <= 4.0

Moxa ≫ Mb3270 Version-

Moxa ≫ Mb3180 Firmware Version <= 2.0

Moxa ≫ Mb3180 Version-

Moxa ≫ Mb3280 Firmware Version <= 3.0

Moxa ≫ Mb3280 Version-

Moxa ≫ Mb3480 Firmware Version <= 3.0

Moxa ≫ Mb3480 Version-

Moxa ≫ Mb3660 Firmware Version <= 2.2

Moxa ≫ Mb3660 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.366

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
cve@mitre.org	6.2	2.5	3.6	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://www.moxa.com/en/support/support/security-advisory/mb3710-3180-3270-3280-3480-3660-vulnerabilities

Vendor Advisory

https://www.us-cert.gov/ics/advisories/icsa-20-056-01

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2019-9095

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-9095

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-9095

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-9095