Lucene search
IcscertCVE-2015-6464HistorySep 11, 2015 - 4:59 p.m.
CVE-2015-6464
2015-09-1116:59:07
icscert
web.nvd.nist.gov
26
moxa
eds-405a
eds-408a
firmware
bypass
read-only
protection
web interface
cve-2015-6464
nvd
CVSS2
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
54.0%
The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin.
Affected configurations
Node
moxaeds-405a_firmwareRange≤3.4
ORmoxaeds-408a_firmwareRange≤3.4
moxaeds-405aMatch-
ORmoxaeds-408aMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moxa | eds-405a_firmware | * | cpe:2.3:o:moxa:eds-405a_firmware:*:*:*:*:*:*:*:* |
| moxa | eds-408a_firmware | * | cpe:2.3:o:moxa:eds-408a_firmware:*:*:*:*:*:*:*:* |
| moxa | eds-405a | - | cpe:2.3:h:moxa:eds-405a:-:*:*:*:*:*:*:* |
| moxa | eds-408a | - | cpe:2.3:h:moxa:eds-408a:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-6464
2015-09-11 16:00:00
nvd
nvd
CVE-2015-6464
2015-09-11 16:59:07
prion
prion
Design/Logic Flaw
2015-09-11 16:59:00
nessus
nessus
Moxa Industrial Managed Switch Improper Privilege Management (CVE-2015-6464)
2023-08-02 00:00:00
ics
ics
Moxa Industrial Managed Switch Vulnerabilities
2018-08-27 12:00:00
openvas
openvas
Moxa EDS-405A/408A < 3.6 Multiple Vulnerabilities
2016-06-23 00:00:00
CVSS2
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:C/A:C
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
54.0%
Related for CVE-2015-6464