FKIE_CVE-2023-5962

Vulnerability from fkie_nvd - Published: 2023-12-23 09:15 - Updated: 2024-11-21 08:42
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.
References
psirt@moxa.comhttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerabilityVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerabilityVendor Advisory
Impacted products
Vendor Product Version
moxa iologik_e1210_firmware *
moxa iologik_e1210 -
moxa iologik_e1211_firmware *
moxa iologik_e1211 -
moxa iologik_e1212_firmware *
moxa iologik_e1212 -
moxa iologik_e1213_firmware *
moxa iologik_e1213 -
moxa iologik_e1214_firmware *
moxa iologik_e1214 -
moxa iologik_e1240_firmware *
moxa iologik_e1240 -
moxa iologik_e1241_firmware *
moxa iologik_e1241 -
moxa iologik_e1242_firmware *
moxa iologik_e1242 -
moxa iologik_e1260_firmware *
moxa iologik_e1260 -
moxa iologik_e1262_firmware *
moxa iologik_e1262 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1210_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF14969B-6E9F-4553-96EB-7BE6C5834260",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1211_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D03FA4E2-4A30-4ED9-BA4D-5546FC0BA939",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1212_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA133D93-4A1D-419A-92C5-C0C0A35187B5",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1213_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E39755B-9625-4D95-B425-BD28B60180CA",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1214_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F59B517D-63C4-4FE5-A89F-B2A235E8239A",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90601A69-F749-4E68-A034-74B9F046436F",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1241_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38280BA6-C262-45AC-AD33-813523F64DAB",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1242_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB237801-4287-4A30-8CE8-DB90FAB5C118",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1260_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACDAE3E7-675E-44BF-BD57-BF5C31B969A5",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:moxa:iologik_e1262_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "485CCB1F-A642-48B2-A8AD-4A7EBB5791BD",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad de algoritmo criptogr\u00e1fico d\u00e9bil en las versiones de firmware de la serie ioLogik E1200 v3.3 y anteriores. Esta vulnerabilidad puede ayudar a un atacante a comprometer la confidencialidad de datos confidenciales. Esta vulnerabilidad puede llevar a un atacante a obtener una autorizaci\u00f3n inesperada."
    }
  ],
  "id": "CVE-2023-5962",
  "lastModified": "2024-11-21T08:42:52.350",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "psirt@moxa.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-12-23T09:15:08.050",
  "references": [
    {
      "source": "psirt@moxa.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"
    }
  ],
  "sourceIdentifier": "psirt@moxa.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-328"
        }
      ],
      "source": "psirt@moxa.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-327"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.