CVE-2016-9332 - An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does n

CVE-2016-9332

Summary

An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition.

References

Vulnerable Configurations

cpe:2.3:a:moxa:softcms:1.2:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.2:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.3:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.3:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.4:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.4:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.5:*:*:*:*:*:*:*
cpe:2.3:a:moxa:softcms:1.5:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 03-09-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	94394
exploit-db	40779
misc	https://ics-cert.us-cert.gov/advisories/ICSA-16-322-02

Last major update

03-09-2017 - 01:29

Published

13-02-2017 - 21:59

Last modified

03-09-2017 - 01:29