Vulnerability Description
Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Iks-G6824A Firmware | <= 4.5 |
| Moxa | Iks-G6824A | - |
| Moxa | Eds-405A Firmware | <= 3.8 |
| Moxa | Eds-405A | - |
| Moxa | Eds-408A Firmware | <= 3.8 |
| Moxa | Eds-408A | - |
| Moxa | Eds-510A Firmware | <= 3.8 |
| Moxa | Eds-510A | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/107178Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/107178Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-6518?
CVE-2019-6518 is a vulnerability with a CVSS score of 7.5 (HIGH). Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.
How severe is CVE-2019-6518?
CVE-2019-6518 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-6518?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Iks-G6824A Firmware, Moxa Iks-G6824A, Moxa Eds-405A Firmware, Moxa Eds-405A, Moxa Eds-408A Firmware.