var-201903-0186
Vulnerability from variot
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. Moxa IKS and EDS Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. There are predictable cookie vulnerabilities in the MoxaIKS and EDS series. The vulnerability stems from the fact that the software generates a predictable cookie that uses the MD5 hash calculation. An attacker could exploit the vulnerability to capture an administrator password for complete control of the device. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. The vulnerability is caused by the program generating easily predictable cookies
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0186",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iks-g6824a",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.5"
},
{
"model": "eds-510a",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.8"
},
{
"model": "eds-405a",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.8"
},
{
"model": "eds-408a",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.8"
},
{
"model": "eds-405a series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "eds-408a series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "eds-510a series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iks-g6824a series",
"scope": null,
"trust": 0.8,
"vendor": "moxa",
"version": null
},
{
"model": "iks-g6824a",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.5"
},
{
"model": "eds-405a",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.8"
},
{
"model": "eds-408a",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.8"
},
{
"model": "eds-510a",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.8"
},
{
"model": "iks-g6824a",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "4.5"
},
{
"model": "eds-510a",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "3.8"
},
{
"model": "eds-408a",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "3.8"
},
{
"model": "eds-405a",
"scope": "eq",
"trust": 0.3,
"vendor": "moxa",
"version": "3.8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "iks g6824a",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eds 405a",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eds 408a",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "eds 510a",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "BID",
"id": "107178"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:eds-405a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:eds-408a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:eds-510a_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:iks-g6824a_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan B, Sergey Fedonin, and Vyacheslav Moskvin of Positive Technologies Security reported these vulnerabilities to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
}
],
"trust": 0.6
},
"cve": "CVE-2019-6563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-6563",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-06058",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-157998",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-6563",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-6563",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6563",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-6563",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-06058",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201902-943",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-157998",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-6563",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator\u0027s password, which could lead to a full compromise of the device. Moxa IKS and EDS Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa\u0027s line of industrial switches. There are predictable cookie vulnerabilities in the MoxaIKS and EDS series. The vulnerability stems from the fact that the software generates a predictable cookie that uses the MD5 hash calculation. An attacker could exploit the vulnerability to capture an administrator password for complete control of the device. Moxa IKS and EDS are prone to following security vulnerabilities:\n1. A cross-site-scripting vulnerability\n2. Multiple stack-based buffer-overflow vulnerabilities\n3. A security vulnerability\n4. An information disclosure vulnerability\n5. A cross-site request-forgery vulnerability\n6. Multiple denial-of-service vulnerabilities\n7. A security-bypass vulnerability\n8. An authentication bypass vulnerability\nAn attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. \nThe following Moxa products and versions are affected:\nIKS-G6824A series versions 4.5 and prior,\nEDS-405A series versions 3.8 and prior,\nEDS-408A series versions 3.8 and prior, and\nEDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. The vulnerability is caused by the program generating easily predictable cookies",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6563"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "BID",
"id": "107178"
},
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "VULMON",
"id": "CVE-2019-6563"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6563",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-19-057-01",
"trust": 3.5
},
{
"db": "BID",
"id": "107178",
"trust": 2.1
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-06058",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.0597",
"trust": 0.6
},
{
"db": "IVD",
"id": "968D3D57-4F83-4A50-9BEC-32450036E0E1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-157998",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-6563",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"db": "BID",
"id": "107178"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"id": "VAR-201903-0186",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "VULHUB",
"id": "VHN-157998"
}
],
"trust": 1.61445105
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
}
]
},
"last_update_date": "2024-11-23T21:52:28.266000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/"
},
{
"title": "MoxaIKS and EDS can predict patches for cookie vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/155117"
},
{
"title": "Multiple Moxa Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89662"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-916",
"trust": 1.1
},
{
"problemtype": "CWE-341",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-057-01"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/107178"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6563"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6563"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-057-01"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76138"
},
{
"trust": 0.3,
"url": "http://www.moxastore.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/916.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"db": "BID",
"id": "107178"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"db": "VULHUB",
"id": "VHN-157998"
},
{
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"db": "BID",
"id": "107178"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-04T00:00:00",
"db": "IVD",
"id": "968d3d57-4f83-4a50-9bec-32450036e0e1"
},
{
"date": "2019-03-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"date": "2019-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-157998"
},
{
"date": "2019-03-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"date": "2019-02-26T00:00:00",
"db": "BID",
"id": "107178"
},
{
"date": "2019-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"date": "2019-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"date": "2019-03-05T20:29:00.547000",
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-06058"
},
{
"date": "2020-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-157998"
},
{
"date": "2020-10-05T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6563"
},
{
"date": "2019-02-26T00:00:00",
"db": "BID",
"id": "107178"
},
{
"date": "2019-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002342"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201902-943"
},
{
"date": "2024-11-21T04:46:42.157000",
"db": "NVD",
"id": "CVE-2019-6563"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa IKS and EDS Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201902-943"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.