VAR-202312-1968
Vulnerability from variot - Updated: 2024-10-29 23:50A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. ioLogik e1210 firmware, ioLogik e1211 firmware, ioLogik e1212 firmware etc. Moxa Inc. The product contains vulnerabilities in the use of cryptographic algorithms.Information may be obtained. MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from China's MOXA company.
MOXA ioLogik E1200 Series has an encryption vulnerability that can be exploited by attackers to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202312-1968",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iologik e1260",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1211",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1210",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1242",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1240",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1241",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1213",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1262",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1212",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1214",
"scope": "lt",
"trust": 1.0,
"vendor": "moxa",
"version": "3.3"
},
{
"model": "iologik e1240",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1241",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1211",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1210",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1213",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1260",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1214",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1242",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1212",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1262",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iologik e1200 series",
"scope": "lt",
"trust": 0.6,
"vendor": "moxa",
"version": "3.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"cve": "CVE-2023-5962",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2024-41854",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2023-5962",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-5962",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2023-5962",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "psirt@moxa.com",
"id": "CVE-2023-5962",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-5962",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2024-41854",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. ioLogik e1210 firmware, ioLogik e1211 firmware, ioLogik e1212 firmware etc. Moxa Inc. The product contains vulnerabilities in the use of cryptographic algorithms.Information may be obtained. MOXA ioLogik E1200 Series is a series of general-purpose controllers and I/O devices from China\u0027s MOXA company. \n\nMOXA ioLogik E1200 Series has an encryption vulnerability that can be exploited by attackers to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-5962"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "CNVD",
"id": "CNVD-2024-41854"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-5962",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2024-41854",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"id": "VAR-202312-1968",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
}
]
},
"last_update_date": "2024-10-29T23:50:06.391000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for MOXA ioLogik E1200 Series Encryption Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/601586"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-328",
"trust": 1.0
},
{
"problemtype": "CWE-327",
"trust": 1.0
},
{
"problemtype": "Use of incomplete or dangerous cryptographic algorithms (CWE-327) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-5962"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"date": "2024-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"date": "2023-12-23T09:15:08.050000",
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-41854"
},
{
"date": "2024-01-29T07:01:00",
"db": "JVNDB",
"id": "JVNDB-2023-023737"
},
{
"date": "2024-10-28T07:15:07.333000",
"db": "NVD",
"id": "CVE-2023-5962"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Moxa\u00a0Inc.\u00a0 Vulnerabilities in the use of cryptographic algorithms in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-023737"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…