CVE-2023-5627

{"id": "CVE-2023-5627", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "psirt@moxa.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-11-01T16:15:08.790", "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-232905-nport-6000-series-incorrect-implementation-of-authentication-algorithm-vulnerability", "tags": ["Vendor Advisory"], "source": "psirt@moxa.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-327"}]}, {"type": "Secondary", "source": "psirt@moxa.com", "description": [{"lang": "en", "value": "CWE-257"}, {"lang": "en", "value": "CWE-303"}, {"lang": "en", "value": "CWE-327"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service. \n"}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Series NPort 6000 que hace vulnerable el mecanismo de autenticaci\u00f3n. Esta vulnerabilidad surge de la implementaci\u00f3n incorrecta de la protecci\u00f3n de informaci\u00f3n confidencial, lo que potencialmente permite que usuarios malintencionados obtengan acceso no autorizado al servicio web."}], "lastModified": "2023-11-09T13:56:03.517", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6150-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "753655A9-BC00-4D1E-B706-683591DD3D84", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6150-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16561579-3023-4987-BA2D-510E7F702F95"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6150_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05EED0A1-0FCB-4FC7-9A58-FE1D7E87E56D", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "87373328-5B7A-49DE-B18C-A35433B05786"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250-m-sc-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13EC9806-5F4F-4A96-9607-722276398C4F", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250-m-sc-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "53C5E9BB-7EF9-4D5E-A434-7F7CDD6C6C90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250-m-sc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42D24DED-96E6-495C-AC03-9E36C37D7B60", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250-m-sc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DF3E455-E2B1-4547-8CB5-9B9E3B689BCE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250-s-sc-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F77279B-C8F7-4123-A023-05823BCDA184", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250-s-sc-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E65B1BFE-2337-4150-A705-DF2F21DAD021"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250-s-sc_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39532E63-E5C6-48E0-B24D-232DD357EC7A", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250-s-sc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "013C4153-1F2C-4F3A-8886-DF5053254FB3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBD1F360-F239-499E-9CE3-86653591E31F", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAC9EC01-08EC-4A3A-ABEE-83ABF35D7537"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9BAE00C-AA7E-4733-8078-FDBE8717A3EB", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CBCBBE08-DDC4-454D-9AD9-1C08524FC017"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6450-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5550B964-5B2E-47C9-A725-95E0E582E1BE", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6450-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DF9CB11F-FBC0-4068-98FE-94C03CCB858A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6450_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9091D8D0-5D6B-4DA4-B822-4199F9E583D7", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6450:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A95FA12B-162D-4DD5-99AE-3E4545B644E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-16-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BCFD072-719A-4296-A3E4-E83B29256EED", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-16-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE5EF2FD-FFB6-47EF-AD27-4103ED4C3F72"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-16_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B375BF55-9F72-4781-8FCE-7D9FD728431D", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-16:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8ADC8B97-BDA5-4E31-A4E9-3EC4CE2D9B56"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-32-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C431ADF-39CC-43DB-A19C-9B16173F02C6", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-32-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "040EAB3F-AD86-4B57-A713-82D01142EF08"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-32_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3095C7F3-1095-43ED-9ED5-0B53CB208246", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-32:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "49DB4C67-D931-4130-98F5-718474DFDB90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-8-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1EFD832-207F-4121-A3CD-9FFBB447002E", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-8-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "05F3F72C-9EB8-4A6F-9510-14B14F455068"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6610-8_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0618A66-F8AD-48EE-B68F-8B25E2238749", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6610-8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2C4D93B7-76EB-4E2D-8A4D-F5679C6FA8E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-16-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04FDDDA7-29C3-4811-B126-C305D7979A3F", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-16-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98728458-E791-4A0E-BD0E-3E8A18D2936D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-16-hv-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE92C0F9-8900-4F9F-8FE2-018D399EE6B8", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-16-hv-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "161575B4-0DB8-475A-9B36-3C1271F2A0B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-16-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11BBE9AD-898B-43BC-AED3-B9C5ACDA19C9", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-16-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8BB86D88-E0F2-43A5-BBBA-2D91F7BABD39"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-16_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F690542-6577-4CB9-987D-C56757563C9A", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-16:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12270C4F-FBB5-413F-BDB0-2DE57C5633F4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-32-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01B386A-997C-4ED2-BB2F-39E421890240", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-32-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32764C13-67F4-47CD-A7AE-5E14A17A2004"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-32-hv-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B8D2048-4E5B-478C-B27B-F51C5B64B14B", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-32-hv-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "846D712E-9596-4834-BCD8-C134E5476246"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-32_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7FD01E0-8FFF-4245-B562-655A94EBCCAE", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-32:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "96FC32AA-F365-45D3-B405-0BB786AE8CA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-8-48v_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8EC6082-8FEC-497A-8EE2-585ACB7FD479", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-8-48v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BECCFBC-6D37-4C69-8491-06B631501330"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-8-hv-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB123383-CD02-4CD1-8B77-1AC1D195DE54", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-8-hv-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D87ECB6C-1518-42AD-95D9-D70FD5D2BC7C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-8-t_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B911B8C5-5733-4B2F-8D14-C9A7D1D15250", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-8-t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A3BC9725-C9CA-4505-89A9-CF26B7306F9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_6650-8_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68E99009-D953-43FF-8EB8-9062B94245CA", "versionEndIncluding": "1.21"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_6650-8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "056C16AB-1EDC-4F42-96C5-14C3C9756857"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@moxa.com"}