CVE-2023-3336

CWE-204CWE-2033 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 54.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Moxa Tn-5900 SeriesMoxa Tn-5900 Firmware
Timeline
PublishedJul 5

Description

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5moxa/tn-5900_series1.03.3

🔴Vulnerability Details

2
GHSA
GHSA-78g4-c5r9-6gh7: TN-5900 Series version 32023-07-05
CVEList
TN-5900 Series User Enumeration Vulnerability2023-07-05
CVE-2023-3336 (MEDIUM CVSS 5.3) | TN-5900 Series version 3.3 and prio | cvebase.io