CVE-2017-16715

7.5HIGH

Key Information:

Vendor: Moxa
Status: Moxa Nport 5110, 5130, And 5150
Vendor: CVE Published:; 16 November 2017

Summary

An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure.

Affected Version(s)

Moxa NPort 5110, 5130, and 5150 Moxa NPort 5110, 5130, and 5150

References

http://www.securityfocus.com/bid/101885

vdb-entryx_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 16, 2017
Vulnerability Reserved
Nov 9, 2017