cnvd - cnvd-2024-41684

CNVD-2024-41684

Vulnerability from cnvd - Published: 2024-10-25

Title

MOXA MXsecurity存在未明漏洞

Description

MOXA MXsecurity是中国摩莎（MOXA）公司的一个管理平台。可提供集中的可见性和安全管理，以轻松监视和识别网络威胁并防止安全错误配置，从而创建强大的威胁防御。 MOXA MXsecurity v1.1.0及之前版本存在安全漏洞，该漏洞源于未授权用户对资源的访问缺乏限制，通过获取有效的身份验证器，攻击者可利用该漏洞冒充授权用户并成功访问资源。

Severity

高

Patch Name

MOXA MXsecurity存在未明漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.moxa.com/en/support/product-support/security-advisory/mpsa-231878-mxsecurity-series-multiple-vulnerabilities

Reference

https://cxsecurity.com/cveshow/CVE-2024-4739/

Impacted products

Name
Moxa MXsecurity <=v1.1.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-4739"
    }
  },
  "description": "MOXA MXsecurity\u662f\u4e2d\u56fd\u6469\u838e\uff08MOXA\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7ba1\u7406\u5e73\u53f0\u3002\u53ef\u63d0\u4f9b\u96c6\u4e2d\u7684\u53ef\u89c1\u6027\u548c\u5b89\u5168\u7ba1\u7406\uff0c\u4ee5\u8f7b\u677e\u76d1\u89c6\u548c\u8bc6\u522b\u7f51\u7edc\u5a01\u80c1\u5e76\u9632\u6b62\u5b89\u5168\u9519\u8bef\u914d\u7f6e\uff0c\u4ece\u800c\u521b\u5efa\u5f3a\u5927\u7684\u5a01\u80c1\u9632\u5fa1\u3002\n\nMOXA MXsecurity v1.1.0\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u6388\u6743\u7528\u6237\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u7f3a\u4e4f\u9650\u5236\uff0c\u901a\u8fc7\u83b7\u53d6\u6709\u6548\u7684\u8eab\u4efd\u9a8c\u8bc1\u5668\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5192\u5145\u6388\u6743\u7528\u6237\u5e76\u6210\u529f\u8bbf\u95ee\u8d44\u6e90\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-231878-mxsecurity-series-multiple-vulnerabilities",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-41684",
  "openTime": "2024-10-25",
  "patchDescription": "MOXA MXsecurity\u662f\u4e2d\u56fd\u6469\u838e\uff08MOXA\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7ba1\u7406\u5e73\u53f0\u3002\u53ef\u63d0\u4f9b\u96c6\u4e2d\u7684\u53ef\u89c1\u6027\u548c\u5b89\u5168\u7ba1\u7406\uff0c\u4ee5\u8f7b\u677e\u76d1\u89c6\u548c\u8bc6\u522b\u7f51\u7edc\u5a01\u80c1\u5e76\u9632\u6b62\u5b89\u5168\u9519\u8bef\u914d\u7f6e\uff0c\u4ece\u800c\u521b\u5efa\u5f3a\u5927\u7684\u5a01\u80c1\u9632\u5fa1\u3002\r\n\r\nMOXA MXsecurity v1.1.0\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u6388\u6743\u7528\u6237\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u7f3a\u4e4f\u9650\u5236\uff0c\u901a\u8fc7\u83b7\u53d6\u6709\u6548\u7684\u8eab\u4efd\u9a8c\u8bc1\u5668\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5192\u5145\u6388\u6743\u7528\u6237\u5e76\u6210\u529f\u8bbf\u95ee\u8d44\u6e90\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "MOXA MXsecurity\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Moxa MXsecurity \u003c=v1.1.0"
  },
  "referenceLink": "https://cxsecurity.com/cveshow/CVE-2024-4739/",
  "serverity": "\u9ad8",
  "submitTime": "2024-10-23",
  "title": "MOXA MXsecurity\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

CVE-2024-4739 (GCVE-0-2024-4739)

Vulnerability from cvelistv5 – Published: 2024-10-18 08:11 – Updated: 2024-10-18 14:40

Summary

The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authenticator, an attacker can pose as an authorized user and successfully access the resource.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-749 - Exposed Dangerous Method or Function

Assigner

Moxa

References

URL

Tags

https://www.moxa.com/en/support/product-support/s…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Moxa	MXsecurity Series	Affected: 1.0 , ≤ 1.1.0 (custom)

Credits

Sean Cai Chris Huang

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "mxsecurity",
            "vendor": "moxa",
            "versions": [
              {
                "lessThanOrEqual": "1.1.0",
                "status": "affected",
                "version": "1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4739",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-18T14:39:37.302578Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-18T14:40:34.104Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MXsecurity Series",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "1.1.0",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sean Cai"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Chris Huang"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authenticator, an attacker can pose as an authorized user and successfully access the resource."
            }
          ],
          "value": "The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. By acquiring a valid authenticator, an attacker can pose as an authorized user and successfully access the resource."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-36",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-36: Using Unpublished Interfaces or Functionality"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-749",
              "description": "CWE-749: Exposed Dangerous Method or Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-18T08:11:04.908Z",
        "orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
        "shortName": "Moxa"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-231878-mxsecurity-series-multiple-vulnerabilities"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMoxa has developed an appropriate solution to address the vulnerability. The solution for the affected product is shown below.\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eMXsecurity: Please Upgrade to the firmware version 2.2.0 or higher via the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://netsecuritylicense.moxa.com/Account/Login\"\u003eMoxa Software Licensing Portal\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "Moxa has developed an appropriate solution to address the vulnerability. The solution for the affected product is shown below.\n\n  *  MXsecurity: Please Upgrade to the firmware version 2.2.0 or higher via the  Moxa Software Licensing Portal https://netsecuritylicense.moxa.com/Account/Login"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "MXsecurity License Generation Function Disclosure",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eMinimize network exposure to ensure the device is not accessible from the Internet. \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eWhen remote access is required, use secure methods, such as Virtual Private Networks (VPNs). \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eThe starting point of all the above vulnerabilities is from the web service, so it is suggested to disable web service temporarily if you completed configuration to prevent further damages from these vulnerabilities until installed patch or updated firmware.\u202f\u0026nbsp;\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
            }
          ],
          "value": "*  Minimize network exposure to ensure the device is not accessible from the Internet. \n\n\n\n\n\n\n  *  When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). \n\n\n\n\n\n\n  *  The starting point of all the above vulnerabilities is from the web service, so it is suggested to disable web service temporarily if you completed configuration to prevent further damages from these vulnerabilities until installed patch or updated firmware."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
    "assignerShortName": "Moxa",
    "cveId": "CVE-2024-4739",
    "datePublished": "2024-10-18T08:11:04.908Z",
    "dateReserved": "2024-05-10T09:05:34.287Z",
    "dateUpdated": "2024-10-18T14:40:34.104Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2024-41684

CVE-2024-4739 (GCVE-0-2024-4739)

Tags

Sightings

Nomenclature