CVE-2016-5812
Severity Score
3.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file.
Dispositivos Moxa OnCell G3100V2 en versiones anteriores a 2.8 y dispositivos G3111, G3151, G3211 y G3251 en versiones anteriores a 1.7 utilizan un almacenamiento de contraseñas de texto sin cifrar, lo que facilita a usuarios locales obtener información sensible leyendo un archivo de configuración.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-23 CVE Reserved
- 2016-08-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92605 | Vdb Entry | |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-236-01 | Mitigation |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3111 Search vendor "Moxa" for product "Oncell G3111" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3151 Search vendor "Moxa" for product "Oncell G3151" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3211 Search vendor "Moxa" for product "Oncell G3211" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3001 Firmware Search vendor "Moxa" for product "Oncell G3001 Firmware" | <= 1.6 Search vendor "Moxa" for product "Oncell G3001 Firmware" and version " <= 1.6" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3251 Search vendor "Moxa" for product "Oncell G3251" | - | - |
Safe
|
| Moxa Search vendor "Moxa" | Oncell G3100v2 Firmware Search vendor "Moxa" for product "Oncell G3100v2 Firmware" | <= 2.7 Search vendor "Moxa" for product "Oncell G3100v2 Firmware" and version " <= 2.7" | - |
Affected
| in | Moxa Search vendor "Moxa" | Oncell G3100v2 Search vendor "Moxa" for product "Oncell G3100v2" | - | - |
Safe
|