var-201608-0260
Vulnerability from variot
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. MoxaOnCellG3100V2 and so on are Moxa's IP gateway products. Moxa OnCell is prone to local information-disclosure vulnerability. The following products are affected : Moxa OnCell G3100V2 Series, editions prior to Version 2.8. Moxa OnCell G3111/G3151/G3211/G3251 Series,editions prior to 1.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oncell g3001",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3100v2 series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3111/g3151/g3211/g3251 series",
"scope": "lt",
"trust": 0.8,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3211",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3251",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "oncell g3100v2",
"scope": "lt",
"trust": 0.6,
"vendor": "moxa",
"version": "2.8"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3001",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.6,
"vendor": "moxa",
"version": "2.7"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3251",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3211",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3151",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.6"
},
{
"model": "oncell g3111",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "1.4"
},
{
"model": "oncell g3100v2",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "2.6"
},
{
"model": "oncell g3251",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3211",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3151",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3111",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "1.7"
},
{
"model": "oncell g3100v2",
"scope": "ne",
"trust": 0.3,
"vendor": "moxa",
"version": "2.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:moxa:oncell_g3100v2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:oncell_g3100v2_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:oncell_g3001_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:moxa:oncell_gateway_g3151",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:moxa:oncell_gateway_g3211",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:moxa:oncell_gateway_g3251",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maxim Rupp.",
"sources": [
{
"db": "BID",
"id": "92605"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5812",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5812",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2016-06702",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-94631",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2016-5812",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5812",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2016-5812",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2016-06702",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-429",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-94631",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use cleartext password storage, which makes it easier for local users to obtain sensitive information by reading a configuration file. MoxaOnCellG3100V2 and so on are Moxa\u0027s IP gateway products. Moxa OnCell is prone to local information-disclosure vulnerability. \nThe following products are affected :\nMoxa OnCell G3100V2 Series, editions prior to Version 2.8. \nMoxa OnCell G3111/G3151/G3211/G3251 Series,editions prior to 1.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5812"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "VULHUB",
"id": "VHN-94631"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5812",
"trust": 3.4
},
{
"db": "ICS CERT",
"id": "ICSA-16-236-01",
"trust": 3.4
},
{
"db": "BID",
"id": "92605",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-06702",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-94631",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"id": "VAR-201608-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
}
],
"trust": 1.3728571659999997
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
}
]
},
"last_update_date": "2024-11-23T21:54:29.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Firmware for OnCell G3100V2 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"title": "Firmware for OnCell G3111/G3151/G3211/G3251 Series",
"trust": 0.8,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"title": "Patches for multiple Moxa product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/80730"
},
{
"title": "Multiple Moxa Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63755"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-236-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92605"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5812"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5812"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=316\u0026type_id=4"
},
{
"trust": 0.6,
"url": "http://www.moxa.com/support/sarch_result.aspx?type=soft\u0026prod_id=416\u0026type_id=4"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"db": "VULHUB",
"id": "VHN-94631"
},
{
"db": "BID",
"id": "92605"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"date": "2016-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-94631"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92605"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"date": "2016-08-24T02:00:24.963000",
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06702"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94631"
},
{
"date": "2016-08-23T00:00:00",
"db": "BID",
"id": "92605"
},
{
"date": "2016-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004450"
},
{
"date": "2016-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-429"
},
{
"date": "2024-11-21T02:55:03.340000",
"db": "NVD",
"id": "CVE-2016-5812"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "92605"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Moxa OnCell Vulnerabilities that capture important information on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004450"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201608-429"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…