CVE-2016-9344

7.5HIGH

Key Information:

Vendor: Moxa
Status: Moxa Miineport
Vendor: CVE Published:; 13 February 2017

Summary

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.

Affected Version(s)

Moxa MiiNePort Moxa MiiNePort

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-343-01

x_refsource_MISC

http://www.securityfocus.com/bid/94783

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 13, 2017
Vulnerability Reserved
Nov 16, 2016