CVE-2016-5799
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
Dispositivos Moxa OnCell G3100V2 en versiones anteriores a 2.8 y dispositivos G3111, G3151, G3211 y G3251 en versiones anteriores a 1.7 no restringen adecuadamente intentos de autenticación, lo que facilita a atacantes remotos obtener acceso a través de un ataque de fuerza bruta.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-23 CVE Reserved
- 2016-08-24 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-285: Improper Authorization
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92606 | Vdb Entry | |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01 | Mitigation |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3111 Search vendor "Moxa" for product "Oncell G3111" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3151 Search vendor "Moxa" for product "Oncell G3151" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3211 Search vendor "Moxa" for product "Oncell G3211" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3251 Search vendor "Moxa" for product "Oncell G3251" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3100v2 Firmware Search vendor "Moxa" for product "Oncell G3100v2 Firmware" | <= 2.7 Search vendor "Moxa" for product "Oncell G3100v2 Firmware" and version " <= 2.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3100v2 Search vendor "Moxa" for product "Oncell G3100v2" | - | - |
Safe
|