Cleartext Password Storage Vulnerability in Moxa OnCell Devices
CVE-2016-5812

3.3LOW

Key Information:

Vendor
Moxa
Status
Oncell G3001 Firmware
Vendor
CVE Published:
24 August 2016

Summary

The Moxa OnCell G3100V2 and associated models exhibit a vulnerability due to the storage of passwords in cleartext format. This design flaw can potentially allow local users to access sensitive information stored in configuration files. As a result, unauthorized access to device configurations may occur, leading to security risks and data exposure. Users are advised to update to the latest firmware versions to mitigate this risk.

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01
x_refsource_MISC
http://www.securityfocus.com/bid/92605
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.