Vulnerability Description
Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Edr-810 Firmware | <= 5.1 |
| Moxa | Edr-810 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-InforExploitThird Party AdvisoryVDB Entry
- https://www.us-cert.gov/ics/advisories/icsa-19-274-03Third Party AdvisoryUS Government Resource
- http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-InforExploitThird Party AdvisoryVDB Entry
- https://www.us-cert.gov/ics/advisories/icsa-19-274-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-10963?
CVE-2019-10963 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must hav...
How severe is CVE-2019-10963?
CVE-2019-10963 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10963?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Edr-810 Firmware, Moxa Edr-810.