CVE-2016-9344

An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
moxamiineport_e1_firmware
𝑥
≤ 1.7
moxamiineport_e2_firmware
𝑥
≤ 1.3
moxamiineport_e3_firmware
𝑥
≤ 1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94783
https://ics-cert.us-cert.gov/advisories/ICSA-16-343-01
http://www.securityfocus.com/bid/94783
https://ics-cert.us-cert.gov/advisories/ICSA-16-343-01