{"id": "CVE-2016-9371", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2017-02-13T21:59:02.347", "references": [{"url": "http://www.securityfocus.com/bid/85965", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "http://www.securityfocus.com/bid/85965", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. User-controlled input is not neutralized before being output to web page (CROSS-SITE SCRIPTING)."}, {"lang": "es", "value": "Ha sido descubierto un problema en Moxa NPort 5110 versiones anteriores a 2.6, NPort 5130/5150 Series versiones anteriores a 3.6, NPort 5200 Series versiones anteriores a 2.8, NPort 5400 Series versiones anteriores a 3.11, NPort 5600 Series versiones anteriores a 3.7, NPort 5100A Series & NPort P5150A versiones anteriores a 1.3, NPort 5200A Series versiones anteriores a 1.3, NPort 5150AI-M12 Series versiones anteriores a 1.2, NPort 5250AI-M12 Series versiones anteriores a 1.2, NPort 5450AI-M12 Series versiones anteriores a 1.2, NPort 5600-8-DT Series versiones anteriores a 2.4, NPort 5600-8-DTL Series versiones anteriores a 2.4, NPort 6x50 Series versiones anteriores a 1.13.11, NPort IA5450A versiones anteriores a v1.4. La entrada controlada por el usuario no es neutralizada antes de ser enviada a la p\u00e1gina web (XSS)."}], "lastModified": "2024-11-21T03:01:02.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5100_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8B36FF8-808A-4BFB-BF3E-C454449EC761", "versionEndIncluding": "2.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B9D28B00-C0BD-4B70-B871-9D18F37DCBE9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5100_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "747C55F4-D7CF-418B-BAFB-64CE71F4DD63", "versionEndIncluding": "3.5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5507650-F3BF-45AF-AA54-06CF3EAF7DDB"}, {"criteria": "cpe:2.3:h:moxa:nport_5150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CD7B68B-128D-4AB0-AE9E-A8B9329D67C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5200_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A24577B4-5E3C-4727-8A50-EA3C33401636", "versionEndIncluding": "2.7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "18402F31-34ED-431B-A9D3-1EDC546B9381"}, {"criteria": "cpe:2.3:h:moxa:nport_5230:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A98BEE65-958C-45B0-915B-BEB39E356CBE"}, {"criteria": "cpe:2.3:h:moxa:nport_5232:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C40A47B2-55B7-43E3-9E01-34CB57D16267"}, {"criteria": "cpe:2.3:h:moxa:nport_5232i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E1D65E4-3836-41FC-9F06-A78D7D0AB2EC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5400_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5834C0C2-0C1F-40AA-BBE8-1A01E10A43AD", "versionEndIncluding": "3.10"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FD9C3024-D682-4C4E-AF88-29F9FEA8AF12"}, {"criteria": "cpe:2.3:h:moxa:nport_5430:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A398369-6E35-492C-9D85-6564B030E858"}, {"criteria": "cpe:2.3:h:moxa:nport_5430i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0EF39890-7A93-43EA-964C-3AE5B747E0E7"}, {"criteria": "cpe:2.3:h:moxa:nport_5450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "38683F12-3FFD-4E9F-BDBF-6AD386A59091"}, {"criteria": "cpe:2.3:h:moxa:nport_5450-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E747BEA-5087-4E3C-8DFF-EFFD84FE187F"}, {"criteria": "cpe:2.3:h:moxa:nport_5450i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6FE28734-0DC6-4150-B282-E85FA86CD3F0"}, {"criteria": "cpe:2.3:h:moxa:nport_5450i-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1AB85377-D610-40C0-9BAA-482A6F039D31"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5600_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "649F9322-D82E-4C2D-944F-748C581BF1E4", "versionEndIncluding": "3.6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5610:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3CF626E1-EC48-4D6B-9942-035122B9A887"}, {"criteria": "cpe:2.3:h:moxa:nport_5630:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6B68C29-57E5-427A-AA83-D0A44E18E468"}, {"criteria": "cpe:2.3:h:moxa:nport_5650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6947F0B7-12D9-47B7-BABD-3579D620EC4A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5100a_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76059B73-20B0-4BF5-BAD9-A1D00F9DACAD", "versionEndIncluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5110a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A659CBC-2A65-46AB-ACED-2C5EFC17BE71"}, {"criteria": "cpe:2.3:h:moxa:nport_5130a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC23CCC6-A408-452A-96F2-046662551832"}, {"criteria": "cpe:2.3:h:moxa:nport_5150a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "184129E6-9A9C-49BB-AE95-D0CEC1C5EBF2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_p5150a_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB976330-9062-48C3-9ED9-0B696CB778AC", "versionEndIncluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_p5110a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF26B8A9-FDC5-4634-B341-7C6F2E1BCBF4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5200a_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AF38EB9-EFE7-4A1B-94D7-5E5011FFBBA0", "versionEndIncluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5210a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "42B39317-D97B-4E9B-A6C3-B006B7A078F6"}, {"criteria": "cpe:2.3:h:moxa:nport_5230a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "23518919-EAD2-43B9-91EB-946C044073F9"}, {"criteria": "cpe:2.3:h:moxa:nport_5250a:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED314ED8-2665-44F4-9FFF-940547392B6B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5x50a1-m12_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8233CDC-98F0-46F3-AB55-DC7DEF9630AB", "versionEndIncluding": "1.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5150a1-m12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "647275A0-6F25-4002-AE26-5F8397159FB1"}, {"criteria": "cpe:2.3:h:moxa:nport_5150a1-m12-ct:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0908C5BA-5568-4612-A96B-3869979FCB83"}, {"criteria": "cpe:2.3:h:moxa:nport_5150a1-m12-ct-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9152230A-AC8C-4B43-99A9-6AF4C26CE4C1"}, {"criteria": "cpe:2.3:h:moxa:nport_5150a1-m12-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E919D3F5-12E4-42F4-BE48-D426240BE2AF"}, {"criteria": "cpe:2.3:h:moxa:nport_5250a1-m12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86DCA3A9-CEF1-493F-89EB-B39275906E32"}, {"criteria": "cpe:2.3:h:moxa:nport_5250a1-m12-ct:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1A1FDA9E-2D80-4407-94F6-6787EB605E37"}, {"criteria": "cpe:2.3:h:moxa:nport_5250a1-m12-ct-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "479014A6-4878-4372-82F9-9274FC90F487"}, {"criteria": "cpe:2.3:h:moxa:nport_5250a1-m12-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "968A147A-9E5C-46E3-AE27-155EF7332D60"}, {"criteria": "cpe:2.3:h:moxa:nport_5450a1-m12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "10C16DCC-6489-43D8-96BF-4F4D10561956"}, {"criteria": "cpe:2.3:h:moxa:nport_5450a1-m12-ct:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "41216A7C-065A-4022-9ECD-35052C033C24"}, {"criteria": "cpe:2.3:h:moxa:nport_5450a1-m12-ct-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5D5BE975-D504-4F21-BC05-F5087F9BAD57"}, {"criteria": "cpe:2.3:h:moxa:nport_5450a1-m12-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AD728AD5-D527-4A88-B80E-C278E9369AA6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5600-8-dtl_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7383E19A-8524-4CF0-8E6A-D6598BFBBEBF", "versionEndIncluding": "2.3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5610-8-dtl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4ADBF536-3320-4F38-BF68-CC69EEB07454"}, {"criteria": "cpe:2.3:h:moxa:nport_5650-8-dtl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B68B983-04C3-494A-9B1B-BB57A456E3FF"}, {"criteria": "cpe:2.3:h:moxa:nport_5650i-8-dtl:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DAE50DD-65CC-467E-878C-6EC68BF1743B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6100_series_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0D45D46-9160-43D3-9D94-407127CDC184", "versionEndIncluding": "1.13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87373328-5B7A-49DE-B18C-A35433B05786"}, {"criteria": "cpe:2.3:h:moxa:nport_6150-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16561579-3023-4987-BA2D-510E7F702F95"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}