cnvd - cnvd-2021-89942

cnvd-2021-89942

Vulnerability from cnvd

Title: Moxa MXview不当访问控制漏洞

Description:

Moxa MXview是一款用于监控和诊断工业网络的网络管理软件。

Moxa MXview存在不当访问控制漏洞。该漏洞源于受影响的产品有一个错误配置的服务，该服务允许远程连接到内部通信通道。攻击者可利用该漏洞远程交互和使用MQTT。

Severity: 高

Patch Name: Moxa MXview不当访问控制漏洞的补丁

Patch Description:

Moxa MXview是一款用于监控和诊断工业网络的网络管理软件。

Moxa MXview存在不当访问控制漏洞。该漏洞源于受影响的产品有一个错误配置的服务，该服务允许远程连接到内部通信通道。攻击者可利用该漏洞远程交互和使用MQTT。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://www.moxa.com/en/support/product-support/software-and-documentation/search?psid=53389

Reference: https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03

Impacted products

Name
MOXA MXView 3.*，<=3.2.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-38454",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-38454"
    }
  },
  "description": "Moxa MXview\u662f\u4e00\u6b3e\u7528\u4e8e\u76d1\u63a7\u548c\u8bca\u65ad\u5de5\u4e1a\u7f51\u7edc\u7684\u7f51\u7edc\u7ba1\u7406\u8f6f\u4ef6\u3002\n\nMoxa MXview\u5b58\u5728\u4e0d\u5f53\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u6709\u4e00\u4e2a\u9519\u8bef\u914d\u7f6e\u7684\u670d\u52a1\uff0c\u8be5\u670d\u52a1\u5141\u8bb8\u8fdc\u7a0b\u8fde\u63a5\u5230\u5185\u90e8\u901a\u4fe1\u901a\u9053\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u4ea4\u4e92\u548c\u4f7f\u7528MQTT\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.moxa.com/en/support/product-support/software-and-documentation/search?psid=53389",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-89942",
  "openTime": "2021-11-23",
  "patchDescription": "Moxa MXview\u662f\u4e00\u6b3e\u7528\u4e8e\u76d1\u63a7\u548c\u8bca\u65ad\u5de5\u4e1a\u7f51\u7edc\u7684\u7f51\u7edc\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nMoxa MXview\u5b58\u5728\u4e0d\u5f53\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u6709\u4e00\u4e2a\u9519\u8bef\u914d\u7f6e\u7684\u670d\u52a1\uff0c\u8be5\u670d\u52a1\u5141\u8bb8\u8fdc\u7a0b\u8fde\u63a5\u5230\u5185\u90e8\u901a\u4fe1\u901a\u9053\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8fdc\u7a0b\u4ea4\u4e92\u548c\u4f7f\u7528MQTT\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Moxa MXview\u4e0d\u5f53\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "MOXA MXView 3.*\uff0c\u003c=3.2.2"
  },
  "referenceLink": "https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03",
  "serverity": "\u9ad8",
  "submitTime": "2021-10-08",
  "title": "Moxa MXview\u4e0d\u5f53\u8bbf\u95ee\u63a7\u5236\u6f0f\u6d1e"
}

CVE-2021-38454 (GCVE-0-2021-38454)

Vulnerability from cvelistv5

Published

2021-10-12 13:37

Modified

2024-09-16 23:22

Severity ?

10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-284 - IMPROPER ACCESS CONTROL

Summary

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.

References

▼	URL	Tags
	https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Moxa	MXview Network Management Software	Version: 3.x <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:44:22.436Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MXview Network Management Software",
          "vendor": "Moxa",
          "versions": [
            {
              "lessThanOrEqual": "3.2.2",
              "status": "affected",
              "version": "3.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Noam Moshe from Claroty reported these vulnerabilities to Moxa."
        }
      ],
      "datePublic": "2021-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "IMPROPER ACCESS CONTROL CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T13:37:54",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Moxa recommends users do the following:\n\nUpgrade to software package v3.2.4 or higher.\nUsers should change their Windows password regularly and use a firewall.\nIf users need to use a multiple-site function, Moxa recommends a firewall to block Port 8883. If users do not have this requirement, Moxa suggests using the firewall to assign the Accessible IP of MXview at the client site."
        }
      ],
      "source": {
        "advisory": "ICSA-21-278-03",
        "discovery": "UNKNOWN"
      },
      "title": "Moxa MXview Network Management Software",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2021-10-05T20:03:00.000Z",
          "ID": "CVE-2021-38454",
          "STATE": "PUBLIC",
          "TITLE": "Moxa MXview Network Management Software"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MXview Network Management Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "3.x",
                            "version_value": "3.2.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Moxa"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Noam Moshe from Claroty reported these vulnerabilities to Moxa."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "IMPROPER ACCESS CONTROL CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Moxa recommends users do the following:\n\nUpgrade to software package v3.2.4 or higher.\nUsers should change their Windows password regularly and use a firewall.\nIf users need to use a multiple-site function, Moxa recommends a firewall to block Port 8883. If users do not have this requirement, Moxa suggests using the firewall to assign the Accessible IP of MXview at the client site."
          }
        ],
        "source": {
          "advisory": "ICSA-21-278-03",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-38454",
    "datePublished": "2021-10-12T13:37:54.121511Z",
    "dateReserved": "2021-08-10T00:00:00",
    "dateUpdated": "2024-09-16T23:22:08.753Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted