Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt credentials, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-16-063-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2016-03-04 15:59
Updated : 2024-02-28 15:21
NVD link : CVE-2016-2282
Mitre link : CVE-2016-2282
CVE.ORG link : CVE-2016-2282
JSON object : View
Products Affected
moxa
- iologik_e2212
- iologik_e2260
- iologik_e2242
- iologik_e2212-t
- iologik_e2214-t
- iologik_e2210
- iologik_e2262
- iologik_e2262-t
- iologik_e2260-t
- iologik_e2214
- iologik_e2242-t
- iologik_firmware
- iologik_e2240
- iologik_e2210-t
- ioadmin_firmware
- iologik_e2240-t
CWE
CWE-255
Credentials Management Errors