Search criteria
5 vulnerabilities found for OnCell G3100V2 Series by Moxa
VAR-201903-0639
Vulnerability from variot - Updated: 2023-12-18 12:20Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server. plural Moxa The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. MoxaOnCellG3100 and others are IP gateway products of Moxa
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0639",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oncell g3111",
"scope": "lt",
"trust": 1.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "lt",
"trust": 1.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "lt",
"trust": 1.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3251",
"scope": "lt",
"trust": 1.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3100v2 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3111 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3251 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3100v2",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=2.28"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3100v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.8",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3100v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3111_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3111:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3151_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3151:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3211_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3251_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3251:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5819"
}
]
},
"cve": "CVE-2016-5819",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-5819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-07360",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-5819",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5819",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-07360",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-053",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server. plural Moxa The product contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. MoxaOnCellG3100 and others are IP gateway products of Moxa",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "CNVD",
"id": "CNVD-2016-07360"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-16-236-01",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2016-5819",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-07360",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"id": "VAR-201903-0639",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
}
],
"trust": 1.2728571659999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
}
]
},
"last_update_date": "2023-12-18T12:20:22.603000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patches for multiple Moxa product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81211"
},
{
"title": "Multiple Moxa Fixes for product cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63882"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-236-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5819"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5819"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"date": "2019-03-21T15:59:41.420000",
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"date": "2016-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07360"
},
{
"date": "2019-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-009322"
},
{
"date": "2020-02-10T21:34:47.700000",
"db": "NVD",
"id": "CVE-2016-5819"
},
{
"date": "2020-06-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Moxa Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-009322"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-053"
}
],
"trust": 0.6
}
}
VAR-201608-0260
Vulnerability from variot - Updated: 2023-12-18 12:20Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. MoxaOnCellG3100V2 and so on are Moxa's IP gateway products. Moxa OnCell is prone to local information-disclosure vulnerability. The following products are affected : Moxa OnCell G3100V2 Series, editions prior to Version 2.8. Moxa OnCell G3111/G3151/G3211/G3251 Series,editions prior to 1.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oncell g3100v2",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3001",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2 series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3111/g3151/g3211/g3251 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3211",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3251",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2",
"scope": "lt",
"trust": 0.6,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3001",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "2.6"
},
{
"model": "oncell g3251",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3100v2",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "2.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3151:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3111:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3251:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3100v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3100v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp.",
"sources": [
{
"db": "BID",
"id": "92605"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5812",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5812",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-06702",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-94631",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-5812",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5812",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2016-06702",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-429",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-94631",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. MoxaOnCellG3100V2 and so on are Moxa\u0027s IP gateway products. Moxa OnCell is prone to local information-disclosure vulnerability. \nThe following products are affected :\nMoxa OnCell G3100V2 Series, editions prior to Version 2.8. \nMoxa OnCell G3111/G3151/G3211/G3251 Series,editions prior to 1.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "VULHUB",
"id": "VHN-94631"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5812",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-16-236-01",
"trust": 3.4
},
{
"db": "BID",
"id": "92605",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-06702",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-94631",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"id": "VAR-201608-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
}
],
"trust": 1.3728571659999997
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
}
]
},
"last_update_date": "2023-12-18T12:20:22.571000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Firmware for OnCell G3100V2 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"title": "Firmware for OnCell G3111/G3151/G3211/G3251 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"title": "Patches for multiple Moxa product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80730"
},
{
"title": "Multiple Moxa Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-236-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92605"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5812"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5812"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"date": "2016-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94631"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92605"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"date": "2016-08-24T02:00:24.963000",
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94631"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92605"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"date": "2016-11-28T20:29:36.613000",
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "92605"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Moxa OnCell Vulnerabilities that capture important information on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
],
"trust": 0.6
}
}
VAR-201608-0259
Vulnerability from variot - Updated: 2023-12-18 12:20Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Supplementary information : CWE Vulnerability type by CWE-285: Improper Authorization ( Inappropriate authentication ) Has been identified. http://cwe.mitre.org/data/definitions/285.htmlRound robin by a third party (brute-force) Access may be gained through an attack. MoxaOnCellG3100V2 and so on are Moxa's IP gateway products. A remote attacker can exploit the vulnerability to gain access by exploiting a brute force attack. Moxa OnCell is prone to a remote unspecified authentication bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. The following products are vulnerable: OnCell G3100V2 Series versions prior to 2.8 are vulnerable. OnCell G3111/G3151/G3211/G3251 Series versions prior to 1.7 are vulnerable. A security vulnerability exists in several Moxa products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0259",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oncell g3100v2",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3001",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2 series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3111/g3151/g3211/g3251 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3211",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3251",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2",
"scope": "lt",
"trust": 0.6,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3001",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "0"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "2.6"
},
{
"model": "oncell g3251",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3100v2",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "2.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "BID",
"id": "92606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3251:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3151:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3111:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:moxa:oncell_g3100v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:moxa:oncell_g3100v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5799"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp.",
"sources": [
{
"db": "BID",
"id": "92606"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5799",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-5799",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-06703",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-94618",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5799",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5799",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2016-06703",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-430",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-94618",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "VULHUB",
"id": "VHN-94618"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Supplementary information : CWE Vulnerability type by CWE-285: Improper Authorization ( Inappropriate authentication ) Has been identified. http://cwe.mitre.org/data/definitions/285.htmlRound robin by a third party (brute-force) Access may be gained through an attack. MoxaOnCellG3100V2 and so on are Moxa\u0027s IP gateway products. A remote attacker can exploit the vulnerability to gain access by exploiting a brute force attack. Moxa OnCell is prone to a remote unspecified authentication bypass vulnerability. \nAn attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. \nThe following products are vulnerable:\nOnCell G3100V2 Series versions prior to 2.8 are vulnerable. \nOnCell G3111/G3151/G3211/G3251 Series versions prior to 1.7 are vulnerable. A security vulnerability exists in several Moxa products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "BID",
"id": "92606"
},
{
"db": "VULHUB",
"id": "VHN-94618"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5799",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-16-236-01",
"trust": 3.4
},
{
"db": "BID",
"id": "92606",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-06703",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-94618",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "VULHUB",
"id": "VHN-94618"
},
{
"db": "BID",
"id": "92606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"id": "VAR-201608-0259",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "VULHUB",
"id": "VHN-94618"
}
],
"trust": 1.3728571659999997
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
}
]
},
"last_update_date": "2023-12-18T12:20:22.629000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Firmware for OnCell G3100V2 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"title": "Firmware for OnCell G3111/G3151/G3211/G3251 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"title": "A variety of Moxa product permissions to obtain vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80731"
},
{
"title": "Multiple Moxa Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63744"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-285",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94618"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-236-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92606"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5799"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5799"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "VULHUB",
"id": "VHN-94618"
},
{
"db": "BID",
"id": "92606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"db": "VULHUB",
"id": "VHN-94618"
},
{
"db": "BID",
"id": "92606"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"date": "2016-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94618"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92606"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"date": "2016-08-24T02:00:24.087000",
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06703"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94618"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92606"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004449"
},
{
"date": "2016-11-28T20:29:33.097000",
"db": "NVD",
"id": "CVE-2016-5799"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Moxa OnCell Vulnerability to gain access rights on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004449"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-430"
}
],
"trust": 0.6
}
}
CVE-2016-5819 (GCVE-0-2016-5819)
Vulnerability from cvelistv5 – Published: 2019-03-21 13:23 – Updated: 2024-08-06 01:15
VLAI?
Summary
Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site scripting CWE-79
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Moxa | OnCell G3100V2 Series |
Affected:
< 2.8
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OnCell G3100V2 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8"
}
]
},
{
"product": "OnCell G3111/G3151/G3211/G3251 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-21T13:23:04",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OnCell G3100V2 Series",
"version": {
"version_data": [
{
"version_value": "\u003c 2.8"
}
]
}
}
]
},
"vendor_name": "Moxa"
},
{
"product": {
"product_data": [
{
"product_name": "OnCell G3111/G3151/G3211/G3251 Series",
"version": {
"version_data": [
{
"version_value": "\u003c 1.7"
}
]
}
}
]
},
"vendor_name": "Moxa"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-5819",
"datePublished": "2019-03-21T13:23:04",
"dateReserved": "2016-06-23T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5819 (GCVE-0-2016-5819)
Vulnerability from nvd – Published: 2019-03-21 13:23 – Updated: 2024-08-06 01:15
VLAI?
Summary
Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site scripting CWE-79
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Moxa | OnCell G3100V2 Series |
Affected:
< 2.8
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OnCell G3100V2 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8"
}
]
},
{
"product": "OnCell G3111/G3151/G3211/G3251 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site scripting CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-21T13:23:04",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OnCell G3100V2 Series",
"version": {
"version_data": [
{
"version_value": "\u003c 2.8"
}
]
}
}
]
},
"vendor_name": "Moxa"
},
{
"product": {
"product_data": [
{
"product_name": "OnCell G3111/G3151/G3211/G3251 Series",
"version": {
"version_data": [
{
"version_value": "\u003c 1.7"
}
]
}
}
]
},
"vendor_name": "Moxa"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user\u2019s browser within the trust relationship between their browser and the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-5819",
"datePublished": "2019-03-21T13:23:04",
"dateReserved": "2016-06-23T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}