ID
VAR-201704-1540
CVE
CVE-2017-7455
TITLE
Moxa MXView In Web Server private key file read vulnerability
Trust: 0.8
sources:
JVNDB: JVNDB-2017-003136
DESCRIPTION
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. Moxa MXView is a network management software for Moxa's configuration, monitoring and diagnostics of network devices in Industrial Ethernet. A security vulnerability exists in Moxa's MXView version 2.8
Trust: 2.52
sources:
NVD: CVE-2017-7455 //
JVNDB: JVNDB-2017-003136 //
CNVD: CNVD-2017-05668 //
IVD: ab49f86b-ace4-484e-9a29-ce3e2d8e318f //
VULHUB: VHN-115658 //
VULMON: CVE-2017-7455
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
sources:
IVD: ab49f86b-ace4-484e-9a29-ce3e2d8e318f //
CNVD: CNVD-2017-05668
AFFECTED PRODUCTS
| vendor: | moxa | model: | mxview | scope: | eq | version: | 2.8 | Trust: 3.0 |
| vendor: | mxview | model: | - | scope: | eq | version: | 2.8 | Trust: 0.2 |
sources:
IVD: ab49f86b-ace4-484e-9a29-ce3e2d8e318f //
CNVD: CNVD-2017-05668 //
JVNDB: JVNDB-2017-003136 //
CNNVD: CNNVD-201704-832 //
NVD: CVE-2017-7455
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
IVD: ab49f86b-ace4-484e-9a29-ce3e2d8e318f //
CNVD: CNVD-2017-05668 //
VULHUB: VHN-115658 //
VULMON: CVE-2017-7455 //
JVNDB: JVNDB-2017-003136 //
CNNVD: CNNVD-201704-832 //
NVD: CVE-2017-7455
PROBLEMTYPE DATA
| problemtype: | CWE-200 | Trust: 1.9 |
sources:
VULHUB: VHN-115658 //
JVNDB: JVNDB-2017-003136 //
NVD: CVE-2017-7455
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201704-832
TYPE
information disclosure
Trust: 0.6
sources:
CNNVD: CNNVD-201704-832
CONFIGURATIONS
sources:
JVNDB: JVNDB-2017-003136
EXPLOIT AVAILABILITY
sources:
VULHUB: VHN-115658 //
VULMON: CVE-2017-7455
PATCH
| title: | MXview | url: | http://www.moxa.com/product/MXview.htm | Trust: 0.8 |
| title: | Moxa MXView security vulnerability patch | url: | https://www.cnvd.org.cn/patchInfo/show/92959 | Trust: 0.6 |
| title: | Moxa MXView Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69330 | Trust: 0.6 |
sources:
CNVD: CNVD-2017-05668 //
JVNDB: JVNDB-2017-003136 //
CNNVD: CNNVD-201704-832
EXTERNAL IDS
| db: | NVD | id: | CVE-2017-7455 | Trust: 3.4 |
| db: | PACKETSTORM | id: | 142074 | Trust: 2.6 |
| db: | EXPLOIT-DB | id: | 41850 | Trust: 1.2 |
| db: | CNNVD | id: | CNNVD-201704-832 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2017-05668 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2017-003136 | Trust: 0.8 |
| db: | IVD | id: | AB49F86B-ACE4-484E-9A29-CE3E2D8E318F | Trust: 0.2 |
| db: | VULHUB | id: | VHN-115658 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2017-7455 | Trust: 0.1 |
sources:
IVD: ab49f86b-ace4-484e-9a29-ce3e2d8e318f //
CNVD: CNVD-2017-05668 //
VULHUB: VHN-115658 //
VULMON: CVE-2017-7455 //
JVNDB: JVNDB-2017-003136 //
CNNVD: CNNVD-201704-832 //
NVD: CVE-2017-7455
REFERENCES
| url: | http://packetstormsecurity.com/files/142074/moxa-mxview-2.8-private-key-disclosure.html | Trust: 2.6 |
| url: | http://hyp3rlinx.altervista.org/advisories/moxa-mxview-v2.8-remote-private-key-disclosure.txt | Trust: 2.4 |
| url: | http://seclists.org/fulldisclosure/2017/apr/49 | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-7455 | Trust: 1.4 |
| url: | https://www.exploit-db.com/exploits/41850/ | Trust: 1.3 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7455 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/200.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
CNVD: CNVD-2017-05668 //
VULHUB: VHN-115658 //
VULMON: CVE-2017-7455 //
JVNDB: JVNDB-2017-003136 //
CNNVD: CNNVD-201704-832 //
NVD: CVE-2017-7455
SOURCES
| db: | IVD | id: | ab49f86b-ace4-484e-9a29-ce3e2d8e318f |
| db: | CNVD | id: | CNVD-2017-05668 |
| db: | VULHUB | id: | VHN-115658 |
| db: | VULMON | id: | CVE-2017-7455 |
| db: | JVNDB | id: | JVNDB-2017-003136 |
| db: | CNNVD | id: | CNNVD-201704-832 |
| db: | NVD | id: | CVE-2017-7455 |
LAST UPDATE DATE
2024-11-23T21:41:21.726000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-05668 | date: | 2017-05-07T00:00:00 |
| db: | VULHUB | id: | VHN-115658 | date: | 2017-08-16T00:00:00 |
| db: | VULMON | id: | CVE-2017-7455 | date: | 2017-08-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-003136 | date: | 2017-05-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201704-832 | date: | 2017-04-18T00:00:00 |
| db: | NVD | id: | CVE-2017-7455 | date: | 2024-11-21T03:31:56.120 |
SOURCES RELEASE DATE
| db: | IVD | id: | ab49f86b-ace4-484e-9a29-ce3e2d8e318f | date: | 2017-04-30T00:00:00 |
| db: | CNVD | id: | CNVD-2017-05668 | date: | 2017-04-30T00:00:00 |
| db: | VULHUB | id: | VHN-115658 | date: | 2017-04-14T00:00:00 |
| db: | VULMON | id: | CVE-2017-7455 | date: | 2017-04-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-003136 | date: | 2017-05-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201704-832 | date: | 2017-04-18T00:00:00 |
| db: | NVD | id: | CVE-2017-7455 | date: | 2017-04-14T14:59:00.383 |