CVE-2016-9346

{"id": "CVE-2016-9346", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2017-02-13T21:59:01.800", "references": [{"url": "http://www.securityfocus.com/bid/94783", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-343-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted."}, {"lang": "es", "value": "Ha sido descubierto un problema en Moxa MiiNePort E1 versiones anteriores a 1.8, E2 versiones anteriores a 1.4 y E3 versiones anteriores a 1.1. Los datos de configuraci\u00f3n son almacenados en un archivo que no est\u00e1 cifrado."}], "lastModified": "2017-02-23T19:44:27.380", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:miineport_e1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5768CC53-4855-45C6-9FD0-C3603B2FBA7C", "versionEndIncluding": "1.7"}, {"criteria": "cpe:2.3:o:moxa:miineport_e2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E099C55B-0E6B-448E-A524-7D405261DC88", "versionEndIncluding": "1.3"}, {"criteria": "cpe:2.3:o:moxa:miineport_e3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD73B290-2AB0-4AAB-B9D6-E655181C88D0", "versionEndIncluding": "1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:miineport_e1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08E72C6A-A107-4EB6-9692-C769DE9EEA17"}, {"criteria": "cpe:2.3:h:moxa:miineport_e2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AACCDD37-C2D0-473A-ACE5-2B1246BF4712"}, {"criteria": "cpe:2.3:h:moxa:miineport_e3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C0017FB3-ADDC-477E-B4CD-4BFF1977CED0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}