CVE-2023-39981

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-39981
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities Patch Vendor Advisory
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*
History

21 Nov 2024, 08:16

Type Values Removed Values Added
References () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities - Patch, Vendor Advisory () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities - Patch, Vendor Advisory

28 Oct 2024, 06:15

Type Values Removed Values Added
CWE CWE-306
Summary (en) A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker. (en) A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.
Information

Published : 2023-09-02 13:15

Updated : 2024-11-21 08:16

NVD link : CVE-2023-39981

Mitre link : CVE-2023-39981

CVE.ORG link : CVE-2023-39981

JSON object : View

Products Affected

moxa

  • mxsecurity
CWE
CWE-306

Missing Authentication for Critical Function

CWE-287

Improper Authentication