HIGH✓ PATCH🇬🇧 English

CVE-2023-39982

CVSS 7.5v3.1pub. 2023-09-02upd. 2024-11-21

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Moxa Mxsecurity

    APP
    Moxa
    ≤ 1.0.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2023-39979CRITICAL9.8ten sam produkt

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication....

CVE-2023-33236CRITICAL9.8ten sam produkt

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability has been report...

CVE-2023-39981HIGH7.5ten sam produkt

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1...

CVE-2023-39980HIGH7.1ten sam produkt

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MX...

CVE-2023-33235HIGH7.2ten sam produkt

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported ...