Lucene search
IcscertCVE-2012-3039HistoryAug 09, 2013 - 11:55 p.m.
CVE-2012-3039
2013-08-0923:55:02
CWE-310
icscert
web.nvd.nist.gov
26
cve-2012-3039
moxa oncell gateway
g3111
g3151
g3211
g3251
firmware
ssh
ssl
key
vulnerability
nvd
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:S/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
59.1%
Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtain access by leveraging knowledge of a key from a product installation elsewhere.
Affected configurations
Node
moxaoncell_gateway_firmwareRange≤1.3
moxaoncell_gateway_g3111Match-
ORmoxaoncell_gateway_g3151Match-
ORmoxaoncell_gateway_g3211Match-
ORmoxaoncell_gateway_g3251Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moxa | oncell_gateway_firmware | * | cpe:2.3:o:moxa:oncell_gateway_firmware:*:*:*:*:*:*:*:* |
| moxa | oncell_gateway_g3111 | - | cpe:2.3:h:moxa:oncell_gateway_g3111:-:*:*:*:*:*:*:* |
| moxa | oncell_gateway_g3151 | - | cpe:2.3:h:moxa:oncell_gateway_g3151:-:*:*:*:*:*:*:* |
| moxa | oncell_gateway_g3211 | - | cpe:2.3:h:moxa:oncell_gateway_g3211:-:*:*:*:*:*:*:* |
| moxa | oncell_gateway_g3251 | - | cpe:2.3:h:moxa:oncell_gateway_g3251:-:*:*:*:*:*:*:* |
Related
ics
ics
MOXA Weak Entropy in DSA Keys Vulnerability
2015-06-02 12:00:00
cvelist
cvelist
CVE-2012-3039
2013-08-09 23:00:00
prion
prion
Design/Logic Flaw
2013-08-09 23:55:00
nvd
nvd
CVE-2012-3039
2013-08-09 23:55:02
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:S/C:C/I:C/A:C
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
59.1%
Related for CVE-2012-3039