Authentication Bypass in Moxa OnCell Central Manager
CVE-2015-6480

8.3HIGH

Key Information:

Vendor

Moxa
Status
Oncell Central Manager
Vendor
CVE Published:
21 December 2015

What is CVE-2015-6480?

The MessageBrokerServlet in Moxa OnCell Central Manager versions prior to 2.2 lacks proper authentication controls. This vulnerability allows remote attackers to gain unauthorized administrative access by executing specific commands, such as adding users and groups. This flaw poses a significant security risk, enabling potential exploitation of sensitive system functions without authentication.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://zerodayinitiative.com/advisories/ZDI-15-452/
x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-15-328-01
x_refsource_MISC

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.