Search criteria
12 vulnerabilities found for iologik_e1200_series_firmware by moxa
FKIE_CVE-2016-8379
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDD74B-F96C-41AB-AA34-F86A29B00A18",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83428D7-5341-4A92-8D18-F37B9D832B64",
"versionEndIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8AFCCE-B83F-4756-B8CB-D7FC1C829B7D",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62B1218A-B9FD-41C1-8CD6-FEF3DA183BE0",
"versionEndIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95D941B-95C8-461B-8E96-0B6EC3A46AA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F2BAE6-8A3C-4A1B-871A-3EF069C643C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340A9411-F756-493C-8F95-7218C3F8548E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD47951B-A792-48E4-A8B1-D19616177FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D3E455-D965-495E-9912-EDE6E2FC64F5",
"versionEndIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "861285B9-D63C-42A7-B694-A6F68DF5489B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FE3E7C-F4A3-46EC-B823-2D2B9E0EDF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "957E228F-7C70-4A52-A265-C45685945711",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2B0D8-AD5E-4C19-8AA7-37B471342BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Moxa ioLogik E1210, firmware Version V2.4 y anteriores, ioLogik E1211, firmware Version V2.3 y anteriores, ioLogik E1212, firmware Version V2.4 y anteriores, ioLogik E1213, firmware Version V2.5 y anteriores, ioLogik E1214, firmware Version V2.4 y anteriores, ioLogik E1240, firmware Version V2.3 y anteriores, ioLogik E1241, firmware Version V2.4 y anteriores, ioLogik E1242, firmware Version V2.4 y anteriores, ioLogik E1260, firmware Version V2.4 y anteriores, ioLogik E1262, firmware Version V2.4 y anteriores, ioLogik E2210, versiones de firmware anteriores a V3.13, ioLogik E2212, versiones de firmware anteriores a V3.14, ioLogik E2214, versiones de firmware anteriores a V3.12, ioLogik E2240, versiones de firmware anteriores a V3.12, ioLogik E2242, versiones de firmware anteriores a V3.12, ioLogik E2260, versiones de firmware anteriores a V3.13 y ioLogik E2262, versiones de firmware anteriores a V3.12. Los usuarios est\u00e1n restringidos a usar contrase\u00f1as cortas."
}
],
"evaluatorComment": "CWE-521: Weak Password Requirements",
"id": "CVE-2016-8379",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:01.423",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8372
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDD74B-F96C-41AB-AA34-F86A29B00A18",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83428D7-5341-4A92-8D18-F37B9D832B64",
"versionEndIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8AFCCE-B83F-4756-B8CB-D7FC1C829B7D",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62B1218A-B9FD-41C1-8CD6-FEF3DA183BE0",
"versionEndIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95D941B-95C8-461B-8E96-0B6EC3A46AA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F2BAE6-8A3C-4A1B-871A-3EF069C643C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340A9411-F756-493C-8F95-7218C3F8548E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD47951B-A792-48E4-A8B1-D19616177FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D3E455-D965-495E-9912-EDE6E2FC64F5",
"versionEndIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "861285B9-D63C-42A7-B694-A6F68DF5489B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FE3E7C-F4A3-46EC-B823-2D2B9E0EDF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "957E228F-7C70-4A52-A265-C45685945711",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2B0D8-AD5E-4C19-8AA7-37B471342BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Moxa ioLogik E1210, firmware Version V2.4 y anteriores, ioLogik E1211, firmware Version V2.3 y anteriores, ioLogik E1212, firmware Version V2.4 y anteriores, ioLogik E1213, firmware Version V2.5 y anteriores, ioLogik E1214, firmware Version V2.4 y anteriores, ioLogik E1240, firmware Version V2.3 y anteriores, ioLogik E1241, firmware Version V2.4 y anteriores, ioLogik E1242, firmware Version V2.4 y anteriores, ioLogik E1260, firmware Version V2.4 y anteriores, ioLogik E1262, firmware Version V2.4 y anteriores, ioLogik E2210, versiones de firmware anteriores a V3.13, ioLogik E2212, versiones de firmware anteriores a V3.14, ioLogik E2214, versiones de firmware anteriores a V3.12, ioLogik E2240, versiones de firmware anteriores a V3.12, ioLogik E2242, versiones de firmware anteriores a V3.12, ioLogik E2260, versiones de firmware anteriores a V3.13 y ioLogik E2262, versiones de firmware anteriores a V3.12. Una contrase\u00f1a es transmitida en un formato que no es suficientemente seguro."
}
],
"id": "CVE-2016-8372",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:01.253",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8359
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING).
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDD74B-F96C-41AB-AA34-F86A29B00A18",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83428D7-5341-4A92-8D18-F37B9D832B64",
"versionEndIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8AFCCE-B83F-4756-B8CB-D7FC1C829B7D",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62B1218A-B9FD-41C1-8CD6-FEF3DA183BE0",
"versionEndIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95D941B-95C8-461B-8E96-0B6EC3A46AA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F2BAE6-8A3C-4A1B-871A-3EF069C643C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340A9411-F756-493C-8F95-7218C3F8548E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD47951B-A792-48E4-A8B1-D19616177FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D3E455-D965-495E-9912-EDE6E2FC64F5",
"versionEndIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "861285B9-D63C-42A7-B694-A6F68DF5489B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FE3E7C-F4A3-46EC-B823-2D2B9E0EDF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "957E228F-7C70-4A52-A265-C45685945711",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2B0D8-AD5E-4C19-8AA7-37B471342BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING)."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Moxa ioLogik E1210, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1211, firmware Versi\u00f3n V2.3 y anteriores, ioLogik E1212, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1213, firmware Versi\u00f3n V2.5 y anteriores, IoLogik E1214, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1240, firmware Versi\u00f3n V2.3 y anteriores, ioLogik E1241, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1242, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1260, firmware Versi\u00f3n V2 .4 y anteriores, ioLogik E1262, versiones de firmware V2.4 y anteriores, ioLogik E2210, versiones de firmware anteriores a V3.13, ioLogik E2212, versiones de firmware anteriores a V3.14, ioLogik E2214, versiones de firmware anteriores a V3.12, ioLogik E2240, versiones de firmware anteriores a V3.12, ioLogik E2242, versiones de firmware anteriores a V3.12, ioLogik E2260, versiones de firmware anteriores a V3.13 y ioLogik E2262, versiones de firmware anteriores a V3.12. La aplicaci\u00f3n web no puede desinfectar la entrada del usuario, lo que puede permitir a un atacante inyectar secuencias de comandos o ejecutar c\u00f3digo arbitrario (CROSS-SITE SCRIPTING)."
}
],
"id": "CVE-2016-8359",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:00.957",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8350
Vulnerability from fkie_nvd - Published: 2017-02-13 21:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY).
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCDDD74B-F96C-41AB-AA34-F86A29B00A18",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A83428D7-5341-4A92-8D18-F37B9D832B64",
"versionEndIncluding": "2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e1200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8AFCCE-B83F-4756-B8CB-D7FC1C829B7D",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62B1218A-B9FD-41C1-8CD6-FEF3DA183BE0",
"versionEndIncluding": "3.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95D941B-95C8-461B-8E96-0B6EC3A46AA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94F2BAE6-8A3C-4A1B-871A-3EF069C643C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2242:-:*:*:*:*:*:*:*",
"matchCriteriaId": "340A9411-F756-493C-8F95-7218C3F8548E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2262:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD47951B-A792-48E4-A8B1-D19616177FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D3E455-D965-495E-9912-EDE6E2FC64F5",
"versionEndIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "861285B9-D63C-42A7-B694-A6F68DF5489B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:moxa:iologik_e2260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FE3E7C-F4A3-46EC-B823-2D2B9E0EDF37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:iologik_e2200_series_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "957E228F-7C70-4A52-A265-C45685945711",
"versionEndIncluding": "3.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:iologik_e2212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38D2B0D8-AD5E-4C19-8AA7-37B471342BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY)."
},
{
"lang": "es",
"value": "Ha sido descubierto un problema en Moxa ioLogik E1210, firmware Versi\u00f3n V2.4 y anterior, ioLogik E1211, firmware Versi\u00f3n V2.3 y anteriores, ioLogik E1212, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1213, firmware Versi\u00f3n V2.5 y anteriores, IoLogik E1214, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1240, firmware Versi\u00f3n V2.3 y anteriores, ioLogik E1241, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1242, firmware Versi\u00f3n V2.4 y anteriores, ioLogik E1260, firmware Versi\u00f3n V2 .4 y anteriores, ioLogik E1262, versiones de firmware V2.4 y anteriores, ioLogik E2210, versiones de firmware anteriores a V3.13, ioLogik E2212, versiones de firmware anteriores a V3.14, ioLogik E2214, versiones de firmware anteriores a V3.12, ioLogik E2240, versiones de firmware anteriores a V3.12, ioLogik E2242, versiones de firmware anteriores a V3.12, ioLogik E2260, versiones de firmware anteriores a V3.13 y ioLogik E2262, versiones de firmware anteriores a V3.12. Es posible que la aplicaci\u00f3n web no verifique suficientemente si una solicitud fue proporcionada por un usuario v\u00e1lido (CROSS-SITE REQUEST FORGERY)."
}
],
"id": "CVE-2016-8350",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-13T21:59:00.737",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-8359 (GCVE-0-2016-8359)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING).
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series XSS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8359",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8372 (GCVE-0-2016-8372)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series password
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8372",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8379 (GCVE-0-2016-8379)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords.
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series password
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8379",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8350 (GCVE-0-2016-8350)
Vulnerability from cvelistv5 – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY).
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series CSRF
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:30.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8350",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:30.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8359 (GCVE-0-2016-8359)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING).
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series XSS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8359",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8359",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8372 (GCVE-0-2016-8372)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series password
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8372",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8379 (GCVE-0-2016-8379)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords.
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series password
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:31.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series password",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. Users are restricted to using short passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8379",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:31.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8350 (GCVE-0-2016-8350)
Vulnerability from nvd – Published: 2017-02-13 21:00 – Updated: 2024-08-06 02:20
VLAI?
Summary
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY).
Severity ?
No CVSS data available.
CWE
- Moxa ioLogik E1200 Series CSRF
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Moxa ioLogik E1200 Series before 3.12 |
Affected:
Moxa ioLogik E1200 Series before 3.12
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:20:30.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Moxa ioLogik E1200 Series before 3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
],
"datePublic": "2017-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Moxa ioLogik E1200 Series CSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-14T10:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-8350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Moxa ioLogik E1200 Series before 3.12",
"version": {
"version_data": [
{
"version_value": "Moxa ioLogik E1200 Series before 3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application may not sufficiently verify whether a request was provided by a valid user (CROSS-SITE REQUEST FORGERY)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Moxa ioLogik E1200 Series CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05"
},
{
"name": "93550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-8350",
"datePublished": "2017-02-13T21:00:00",
"dateReserved": "2016-09-28T00:00:00",
"dateUpdated": "2024-08-06T02:20:30.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}