CVE-2016-2285
Published May 31, 2016
Last updated 8 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:miineport_e2_1242:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "11908A9E-F663-465E-8B82-BF87E3784B47"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:miineport_e2_1242_firmware:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E792AAB-B443-4B47-B107-A63E13A63BC2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:miineport_e2_4561:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E91547AA-0065-45E2-9F2B-FF3B72BD45E3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:miineport_e2_4561_firmware:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3066833-C70E-47C1-A9DE-C2BB45F2A705"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:miineport_e1_7080:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5C447CD7-DE56-400E-A2FE-DBDB2C823582"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:miineport_e1_7080_firmware:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4146FD5D-353C-46B7-B20E-332938FBF293"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:miineport_e3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C0017FB3-ADDC-477E-B4CD-4BFF1977CED0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:miineport_e3_firmware:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99CDEEBE-99D9-4236-9607-04395FA566DD"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:moxa:miineport_e1_4641:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A6D91144-8D7D-4DED-B095-0033BD8F05C2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:moxa:miineport_e1_4641_firmware:1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33701ECB-E809-4969-8C98-F6E177E769A4"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]