Sensitive Information Exposure Risk Due to Cleartext Credentials Storage

CVE-2024-6785

7.1HIGH

Key Information

Vendor
Moxa
Status
Mxview One Series
Mxview One Central Manager Series
Vendor
CVE Published:
21 September 2024

Summary

The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.

Affected Version(s)

MXview One Series < 1.3.0

MXview One Central Manager Series < 1.0.0

Refferences

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Noam Moshe of Claroty Research - Team82
.