Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for IKS, EDS by Moxa

    CVE-2019-6526 (GCVE-0-2019-6526)

    Vulnerability from nvd – Published: 2019-04-12 20:11 – Updated: 2024-08-04 20:23
    VLAI
    Summary
    Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.
    Severity
    No CVSS data available.
    CWE
    • CWE-311 - Missing encryption of sensitive data CWE-311
    Assigner
    References
    Impacted products
    Vendor Product Version
    Moxa IKS, EDS Affected: IKS-G6824A series Versions 4.5 and prior
    Affected: EDS-405A series Version 3.8 and prior
    Affected: EDS-408A series Version 3.8 and prior
    Affected: and EDS-510A series Version 3.8 and prior
    Create a notification for this product.
    Date Public
    2019-02-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:23:21.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IKS, EDS",
              "vendor": "Moxa",
              "versions": [
                {
                  "status": "affected",
                  "version": "IKS-G6824A series Versions 4.5 and prior"
                },
                {
                  "status": "affected",
                  "version": "EDS-405A series Version 3.8 and prior"
                },
                {
                  "status": "affected",
                  "version": "EDS-408A series Version 3.8 and prior"
                },
                {
                  "status": "affected",
                  "version": "and EDS-510A series Version 3.8 and prior"
                }
              ]
            }
          ],
          "datePublic": "2019-02-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-311",
                  "description": "Missing encryption of sensitive data CWE-311",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-12T20:11:08.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2019-6526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IKS, EDS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IKS-G6824A series Versions 4.5 and prior"
                              },
                              {
                                "version_value": "EDS-405A series Version 3.8 and prior"
                              },
                              {
                                "version_value": "EDS-408A series Version 3.8 and prior"
                              },
                              {
                                "version_value": "and EDS-510A series Version 3.8 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Moxa"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Missing encryption of sensitive data CWE-311"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2019-6526",
        "datePublished": "2019-04-12T20:11:08.000Z",
        "dateReserved": "2019-01-22T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:23:21.401Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-6526 (GCVE-0-2019-6526)

    Vulnerability from cvelistv5 – Published: 2019-04-12 20:11 – Updated: 2024-08-04 20:23
    VLAI
    Summary
    Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.
    Severity
    No CVSS data available.
    CWE
    • CWE-311 - Missing encryption of sensitive data CWE-311
    Assigner
    References
    Impacted products
    Vendor Product Version
    Moxa IKS, EDS Affected: IKS-G6824A series Versions 4.5 and prior
    Affected: EDS-405A series Version 3.8 and prior
    Affected: EDS-408A series Version 3.8 and prior
    Affected: and EDS-510A series Version 3.8 and prior
    Create a notification for this product.
    Date Public
    2019-02-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:23:21.401Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IKS, EDS",
              "vendor": "Moxa",
              "versions": [
                {
                  "status": "affected",
                  "version": "IKS-G6824A series Versions 4.5 and prior"
                },
                {
                  "status": "affected",
                  "version": "EDS-405A series Version 3.8 and prior"
                },
                {
                  "status": "affected",
                  "version": "EDS-408A series Version 3.8 and prior"
                },
                {
                  "status": "affected",
                  "version": "and EDS-510A series Version 3.8 and prior"
                }
              ]
            }
          ],
          "datePublic": "2019-02-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-311",
                  "description": "Missing encryption of sensitive data CWE-311",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-12T20:11:08.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2019-6526",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "IKS, EDS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "IKS-G6824A series Versions 4.5 and prior"
                              },
                              {
                                "version_value": "EDS-405A series Version 3.8 and prior"
                              },
                              {
                                "version_value": "EDS-408A series Version 3.8 and prior"
                              },
                              {
                                "version_value": "and EDS-510A series Version 3.8 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Moxa"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Missing encryption of sensitive data CWE-311"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2019-6526",
        "datePublished": "2019-04-12T20:11:08.000Z",
        "dateReserved": "2019-01-22T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:23:21.401Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }