HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-40693

CVSS 7.5v3.1pub. 2023-02-07upd. 2024-11-21

A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Moxa Sds 3008

    HW
    Moxa
    wszystkie wersje
  • Moxa Sds 3008 Firmware

    OS
    Moxa
    ≤ 2.1
  • Moxa Sds 3008 T

    HW
    Moxa
    wszystkie wersje
  • Moxa Sds 3008 T Firmware

    OS
    Moxa
    ≤ 2.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-40224HIGH7.5ten sam produkt

A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Et...

CVE-2022-40691MEDIUM5.3ten sam produkt

An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series In...

CVE-2022-41311MEDIUM5.4ten sam produkt

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Serie...

CVE-2022-41312MEDIUM5.4ten sam produkt

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Serie...

CVE-2022-41313MEDIUM5.4ten sam produkt

A stored cross-site scripting vulnerability exists in the web application functionality of Moxa SDS-3008 Serie...