CVE-2021-40392

CWE-319Cleartext Transmission5 documents4 sources
Severity
7.5HIGH
EPSS
0.1%
top 64.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Moxa Mxview SeriesMoxa Mxview
Timeline
PublishedApr 14
Latest updateApr 15

Description

An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5moxa/mxview_series3.2.4
NVDmoxa/mxview3.2.4

🔴Vulnerability Details

2
GHSA
GHSA-w6wg-hmcm-v767: An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 32022-04-15
CVEList
CVE-2021-40392: An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 32022-04-14

🕵️Threat Intelligence

2
Talos
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login2022-02-11
Talos
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login2022-02-11
CVE-2021-40392 (HIGH CVSS 7.5) | An information disclosure vulnerabi | cvebase.io