A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.
References
Link | Resource |
---|---|
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | Patch Vendor Advisory |
Configurations
History
28 Oct 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-321 | |
Summary | (en) A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic. |
08 Sep 2023, 13:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:* | |
CWE | CWE-798 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
First Time |
Moxa
Moxa mxsecurity |
|
References | (MISC) https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities - Patch, Vendor Advisory |
02 Sep 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-02 13:15
Updated : 2024-10-28 07:15
NVD link : CVE-2023-39982
Mitre link : CVE-2023-39982
CVE.ORG link : CVE-2023-39982
JSON object : View
Products Affected
moxa
- mxsecurity