Search
Find a vulnerability
Search criteria
2 vulnerabilities found for IKS, EDS by Moxa
CVE-2019-6526 (GCVE-0-2019-6526)
Vulnerability from nvd – Published: 2019-04-12 20:11 – Updated: 2024-08-04 20:23
VLAI
Summary
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.
Severity
No CVSS data available.
CWE
- CWE-311 - Missing encryption of sensitive data CWE-311
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 | x_refsource_MISC |
Impacted products
Date Public
2019-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:21.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IKS, EDS",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "IKS-G6824A series Versions 4.5 and prior"
},
{
"status": "affected",
"version": "EDS-405A series Version 3.8 and prior"
},
{
"status": "affected",
"version": "EDS-408A series Version 3.8 and prior"
},
{
"status": "affected",
"version": "and EDS-510A series Version 3.8 and prior"
}
]
}
],
"datePublic": "2019-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "Missing encryption of sensitive data CWE-311",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-12T20:11:08.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-6526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IKS, EDS",
"version": {
"version_data": [
{
"version_value": "IKS-G6824A series Versions 4.5 and prior"
},
{
"version_value": "EDS-405A series Version 3.8 and prior"
},
{
"version_value": "EDS-408A series Version 3.8 and prior"
},
{
"version_value": "and EDS-510A series Version 3.8 and prior"
}
]
}
}
]
},
"vendor_name": "Moxa"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data CWE-311"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6526",
"datePublished": "2019-04-12T20:11:08.000Z",
"dateReserved": "2019-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:23:21.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6526 (GCVE-0-2019-6526)
Vulnerability from cvelistv5 – Published: 2019-04-12 20:11 – Updated: 2024-08-04 20:23
VLAI
Summary
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password.
Severity
No CVSS data available.
CWE
- CWE-311 - Missing encryption of sensitive data CWE-311
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 | x_refsource_MISC |
Impacted products
Date Public
2019-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:21.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IKS, EDS",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "IKS-G6824A series Versions 4.5 and prior"
},
{
"status": "affected",
"version": "EDS-405A series Version 3.8 and prior"
},
{
"status": "affected",
"version": "EDS-408A series Version 3.8 and prior"
},
{
"status": "affected",
"version": "and EDS-510A series Version 3.8 and prior"
}
]
}
],
"datePublic": "2019-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "Missing encryption of sensitive data CWE-311",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-12T20:11:08.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-6526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IKS, EDS",
"version": {
"version_data": [
{
"version_value": "IKS-G6824A series Versions 4.5 and prior"
},
{
"version_value": "EDS-405A series Version 3.8 and prior"
},
{
"version_value": "EDS-408A series Version 3.8 and prior"
},
{
"version_value": "and EDS-510A series Version 3.8 and prior"
}
]
}
}
]
},
"vendor_name": "Moxa"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing encryption of sensitive data CWE-311"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6526",
"datePublished": "2019-04-12T20:11:08.000Z",
"dateReserved": "2019-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:23:21.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}