Vulnerability CVE-2017-16715
Published: 2017-11-16   Modified: 2017-11-17

Description:
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
MOXA -> Nport 5110 firmware 
MOXA -> Nport 5130 firmware 
MOXA -> Nport 5150 firmware 

 References:
http://www.securityfocus.com/bid/101885
https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01
Copyright 2024, cxsecurity.com

 

Back to Top