CVE-2023-5962 - Vulnerability Details

Vendors	Products
Moxa	Iologik E1210 Iologik E1210 Firmware Iologik E1211 Iologik E1211 Firmware Iologik E1212 Iologik E1212 Firmware Iologik E1213 Iologik E1213 Firmware Iologik E1214 Iologik E1214 Firmware Iologik E1240 Iologik E1240 Firmware Iologik E1241 Iologik E1241 Firmware Iologik E1242 Iologik E1242 Firmware Iologik E1260 Iologik E1260 Firmware Iologik E1262 Iologik E1262 Firmware

Link	Providers
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability

Type	Values Removed	Values Added
Description	A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.	A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.
Weaknesses		CWE-328

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5962", "assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "state": "PUBLISHED", "assignerShortName": "Moxa", "dateReserved": "2023-11-06T07:47:33.243Z", "datePublished": "2023-12-23T09:09:01.920Z", "dateUpdated": "2024-10-28T06:14:46.184Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ioLogik E1200 Series", "vendor": "Moxa", "versions": [{"lessThanOrEqual": "3.3", "status": "affected", "version": "1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Reza Rashidi from HADESS"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.</p>"}], "value": "A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization."}], "impacts": [{"capecId": "CAPEC-20", "descriptions": [{"lang": "en", "value": "CAPEC-20: Encryption Brute Forcing"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-328", "description": "CWE-328: Use of Weak Hash", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa", "shortName": "Moxa", "dateUpdated": "2024-10-28T06:14:46.184Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below. </p><p></p><ul><li>ioLogik E1200 Series : Please contact Moxa Technical Support for the <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/tw/support/technical-support\">security patch (v3.3.7).</a></li></ul><p></p>"}], "value": "Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below. \n\n\n\n  *  ioLogik E1200 Series : Please contact Moxa Technical Support for the  security patch (v3.3.7). https://www.moxa.com/tw/support/technical-support"}], "source": {"discovery": "EXTERNAL"}, "title": "ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:14:25.146Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-5962 (string)

assignerOrgId : 2e0a0ee2-d866-482a-9f5e-ac03d156dbaa (string)

state : PUBLISHED (string)

assignerShortName : Moxa (string)

dateReserved : 2023-11-06T07:47:33.243Z (string)

datePublished : 2023-12-23T09:09:01.920Z (string)

dateUpdated : 2024-10-28T06:14:46.184Z (string)

}

containers : { »

cna : { »

affected : [ »

0 : { »

defaultStatus : unaffected (string)

product : ioLogik E1200 Series (string)

vendor : Moxa (string)

versions : [ »

0 : { »

lessThanOrEqual : 3.3 (string)

status : affected (string)

version : 1.0 (string)

versionType : custom (string)

}

]

}

]

credits : [ »

0 : { »

lang : en (string)

type : finder (string)

user : 00000000-0000-4000-9000-000000000000 (string)

value : Reza Rashidi from HADESS (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

supportingMedia : [ »

0 : { »

base64 : false (boolean)

type : text/html (string)

value : A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. (string)

}

]

value : A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. (string)

}

]

impacts : [ »

0 : { »

capecId : CAPEC-20 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : CAPEC-20: Encryption Brute Forcing (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

format : CVSS (string)

scenarios : [ »

0 : { »

lang : en (string)

value : GENERAL (string)

}

]

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-328 (string)

description : CWE-328: Use of Weak Hash (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

orgId : 2e0a0ee2-d866-482a-9f5e-ac03d156dbaa (string)

shortName : Moxa (string)

dateUpdated : 2024-10-28T06:14:46.184Z (string)

}

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

]

url : https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability (string)

}

]

solutions : [ »

0 : { »

lang : en (string)

supportingMedia : [ »

0 : { »

base64 : false (boolean)

type : text/html (string)

value : Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below. <ul><li>ioLogik E1200 Series : Please contact Moxa Technical Support for the <a target="_blank" rel="nofollow" href="https://www.moxa.com/tw/support/technical-support">security patch (v3.3.7).</a></li></ul> (string)

}

]

value : Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below. * ioLogik E1200 Series : Please contact Moxa Technical Support for the security patch (v3.3.7). https://www.moxa.com/tw/support/technical-support (string)

}

]

source : { »

discovery : EXTERNAL (string)

}

title : ioLogik E1200 Series: Weak Cryptographic Algorithm Vulnerability (string)

x_generator : { »

engine : Vulnogram 0.1.0-dev (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T08:14:25.146Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : vendor-advisory (string)

1 : x_transferred (string)

]

url : https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability (string)

}

]

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1210_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF14969B-6E9F-4553-96EB-7BE6C5834260", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:*", "matchCriteriaId": "67DDCD42-10D5-46B2-AB91-66EF30D5D645", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1211_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D03FA4E2-4A30-4ED9-BA4D-5546FC0BA939", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:*", "matchCriteriaId": "308E46FB-488A-4907-9A69-AACDE23A3394", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1212_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA133D93-4A1D-419A-92C5-C0C0A35187B5", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:*", "matchCriteriaId": "616E5D0B-0D3A-4808-8C15-2FDC35E8605C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1213_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E39755B-9625-4D95-B425-BD28B60180CA", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AAE4F4E-779C-401F-A75E-AC66757DD313", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1214_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F59B517D-63C4-4FE5-A89F-B2A235E8239A", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0837606-60F7-4563-8F80-AE7C1CC3F469", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1240_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "90601A69-F749-4E68-A034-74B9F046436F", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:*", "matchCriteriaId": "77A9D90D-0419-410C-AF65-0FFE0FF2882F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1241_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "38280BA6-C262-45AC-AD33-813523F64DAB", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:*", "matchCriteriaId": "3239D045-8A7C-4407-B77C-E82C178D8B90", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1242_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB237801-4287-4A30-8CE8-DB90FAB5C118", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1260_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACDAE3E7-675E-44BF-BD57-BF5C31B969A5", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0B4FA04-BF84-4B8A-A295-0312A3790F2E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:iologik_e1262_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "485CCB1F-A642-48B2-A8AD-4A7EBB5791BD", "versionEndExcluding": "3.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:*", "matchCriteriaId": "3366C39B-50FD-497B-A6A1-875CEB8913C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de algoritmo criptogr\u00e1fico d\u00e9bil en las versiones de firmware de la serie ioLogik E1200 v3.3 y anteriores. Esta vulnerabilidad puede ayudar a un atacante a comprometer la confidencialidad de datos confidenciales. Esta vulnerabilidad puede llevar a un atacante a obtener una autorizaci\u00f3n inesperada."}], "id": "CVE-2023-5962", "lastModified": "2024-11-21T08:42:52.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "psirt@moxa.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-23T09:15:08.050", "references": [{"source": "psirt@moxa.com", "tags": ["Vendor Advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability"}], "sourceIdentifier": "psirt@moxa.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-328"}], "source": "psirt@moxa.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1210_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : CF14969B-6E9F-4553-96EB-7BE6C5834260 (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1210:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 67DDCD42-10D5-46B2-AB91-66EF30D5D645 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1211_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D03FA4E2-4A30-4ED9-BA4D-5546FC0BA939 (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1211:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 308E46FB-488A-4907-9A69-AACDE23A3394 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1212_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BA133D93-4A1D-419A-92C5-C0C0A35187B5 (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1212:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 616E5D0B-0D3A-4808-8C15-2FDC35E8605C (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1213_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E39755B-9625-4D95-B425-BD28B60180CA (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1213:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9AAE4F4E-779C-401F-A75E-AC66757DD313 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1214_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F59B517D-63C4-4FE5-A89F-B2A235E8239A (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1214:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A0837606-60F7-4563-8F80-AE7C1CC3F469 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1240_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 90601A69-F749-4E68-A034-74B9F046436F (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1240:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 77A9D90D-0419-410C-AF65-0FFE0FF2882F (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1241_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 38280BA6-C262-45AC-AD33-813523F64DAB (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1241:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3239D045-8A7C-4407-B77C-E82C178D8B90 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1242_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EB237801-4287-4A30-8CE8-DB90FAB5C118 (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1242:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5D40DF4C-0EA9-44B0-8D8C-D1FC2AB5A357 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

8 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1260_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : ACDAE3E7-675E-44BF-BD57-BF5C31B969A5 (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1260:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B0B4FA04-BF84-4B8A-A295-0312A3790F2E (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

9 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:moxa:iologik_e1262_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 485CCB1F-A642-48B2-A8AD-4A7EBB5791BD (string)

versionEndExcluding : 3.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:moxa:iologik_e1262:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3366C39B-50FD-497B-A6A1-875CEB8913C5 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization. (string)

}

1 : { »

lang : es (string)

value : Se ha identificado una vulnerabilidad de algoritmo criptográfico débil en las versiones de firmware de la serie ioLogik E1200 v3.3 y anteriores. Esta vulnerabilidad puede ayudar a un atacante a comprometer la confidencialidad de datos confidenciales. Esta vulnerabilidad puede llevar a un atacante a obtener una autorización inesperada. (string)

}

]

id : CVE-2023-5962 (string)

lastModified : 2024-11-21T08:42:52.350 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.6 (number)

source : psirt@moxa.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-12-23T09:15:08.050 (string)

references : [ »

0 : { »

source : psirt@moxa.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.moxa.com/en/support/product-support/security-advisory/mpsa-235250-iologik-e1200-series-web-server-vulnerability (string)

}

]

sourceIdentifier : psirt@moxa.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-328 (string)

}

]

source : psirt@moxa.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-327 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object