Sensitive Information Exposure Risk Due to Cleartext Credentials Storage
CVE-2024-6785
7.1HIGH
Key Information
- Vendor
- Moxa
- Status
- Mxview One Series
- Mxview One Central Manager Series
- Vendor
- CVE Published:
- 21 September 2024
Summary
The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
Affected Version(s)
MXview One Series < 1.3.0
MXview One Central Manager Series < 1.0.0
Refferences
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database
Credit
Noam Moshe of Claroty Research - Team82