Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authentication via a brute-force series of guesses for a parameter value.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/91777 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/91777 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
21 Nov 2024, 02:55
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/91777 - Third Party Advisory, VDB Entry | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-16-196-02 - Third Party Advisory, US Government Resource |
Information
Published : 2016-07-15 16:59
Updated : 2024-11-21 02:55
NVD link : CVE-2016-5804
Mitre link : CVE-2016-5804
CVE.ORG link : CVE-2016-5804
JSON object : View
Products Affected
moxa
- mgate_mb3170
- mgate_mb3270_firmware
- mgate_mb3270
- mgate_mb3180
- mgate_mb3480
- mgate_mb3280_firmware
- mgate_mb3280
- mgate_mb3180_firmware
- mgate_mb3480_firmware
- mgate_mb3170_firmware
CWE
CWE-326
Inadequate Encryption Strength