← voltar
CVE-2024-6785

MXview One and MXview One Central Manager Series store cleartext credentials in a local file

CVSS 6.8 MEDIUMEPSS 0.1%CWE-313
The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Produtos afetados
Moxa · MXview One Central Manager SeriesMoxa · MXview One Series

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series