- Description
- The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
- Source
- psirt@moxa.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 6.8
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.2
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
- Severity
- HIGH
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:mxview_one:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24690651-4F3A-431A-845A-B7CCBD1D24D2",
"versionEndExcluding": "1.4.1"
},
{
"criteria": "cpe:2.3:a:moxa:mxview_one_central_manager:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33EAC644-D402-43FA-BC54-E193F34C0A1F"
}
],
"operator": "OR"
}
]
}
]