A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.
References
Link | Resource |
---|---|
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities | Patch Vendor Advisory |
Configurations
History
08 Sep 2023, 13:23
Type | Values Removed | Values Added |
---|---|---|
First Time |
Moxa
Moxa mxsecurity |
|
References | (MISC) https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
CPE | cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:* | |
CWE | CWE-798 |
02 Sep 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-02 13:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-39982
Mitre link : CVE-2023-39982
CVE.ORG link : CVE-2023-39982
JSON object : View
Products Affected
moxa
- mxsecurity
CWE
CWE-798
Use of Hard-coded Credentials