CVE-2016-8362

6.5MEDIUM

Key Information:

Vendor: Moxa
Status: Moxa Oncell
Vendor: CVE Published:; 13 February 2017

Summary

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series, TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, and AWK-5222/6222 Series. Any user is able to download log files by accessing a specific URL.

Affected Version(s)

Moxa OnCell Moxa OnCell

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-308-01

x_refsource_MISC

http://www.securityfocus.com/bid/94092

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2017
Vulnerability Reserved
Sep 28, 2016