Sign-up

ID

VAR-201903-0186


CVE

CVE-2019-6563


TITLE

Moxa IKS and EDS Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2019-002342

DESCRIPTION

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. Moxa IKS and EDS Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MoxaIKS and EDS are Moxa's line of industrial switches. There are predictable cookie vulnerabilities in the MoxaIKS and EDS series. The vulnerability stems from the fact that the software generates a predictable cookie that uses the MD5 hash calculation. An attacker could exploit the vulnerability to capture an administrator password for complete control of the device. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch. The vulnerability is caused by the program generating easily predictable cookies

Trust: 2.79

sources: NVD: CVE-2019-6563 // JVNDB: JVNDB-2019-002342 // CNVD: CNVD-2019-06058 // BID: 107178 // IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1 // VULHUB: VHN-157998 // VULMON: CVE-2019-6563

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1 // CNVD: CNVD-2019-06058

AFFECTED PRODUCTS

vendor:moxamodel:iks-g6824ascope:lteversion:4.5

Trust: 1.0

vendor:moxamodel:eds-510ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:eds-405ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:eds-408ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:eds-405a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:eds-408a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:eds-510a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:iks-g6824a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:iks-g6824ascope:lteversion:<=4.5

Trust: 0.6

vendor:moxamodel:eds-405ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:eds-408ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:eds-510ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:iks-g6824ascope:eqversion:4.5

Trust: 0.3

vendor:moxamodel:eds-510ascope:eqversion:3.8

Trust: 0.3

vendor:moxamodel:eds-408ascope:eqversion:3.8

Trust: 0.3

vendor:moxamodel:eds-405ascope:eqversion:3.8

Trust: 0.3

vendor:iks g6824amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 405amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 408amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 510amodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1 // CNVD: CNVD-2019-06058 // BID: 107178 // JVNDB: JVNDB-2019-002342 // NVD: CVE-2019-6563

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6563
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-6563
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-06058
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201902-943
value: CRITICAL

Trust: 0.6

IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1
value: CRITICAL

Trust: 0.2

VULHUB: VHN-157998
value: HIGH

Trust: 0.1

VULMON: CVE-2019-6563
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-6563
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-06058
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-157998
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-6563
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-6563
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1 // CNVD: CNVD-2019-06058 // VULHUB: VHN-157998 // VULMON: CVE-2019-6563 // JVNDB: JVNDB-2019-002342 // CNNVD: CNNVD-201902-943 // NVD: CVE-2019-6563

PROBLEMTYPE DATA

problemtype:CWE-916

Trust: 1.1

problemtype:CWE-341

Trust: 1.0

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-157998 // JVNDB: JVNDB-2019-002342 // NVD: CVE-2019-6563

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-943

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201902-943

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-002342

PATCH
title:Top Pageurl:https://www.moxa.com/
Trust: 0.8
title:MoxaIKS and EDS can predict patches for cookie vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/155117
Trust: 0.6
title:Multiple Moxa Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89662
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-06058 // 
            
            
            
            JVNDB: JVNDB-2019-002342 // 
            
            
            
            CNNVD: CNNVD-201902-943

EXTERNAL IDS
db:NVDid:CVE-2019-6563
Trust: 3.7
db:ICS CERTid:ICSA-19-057-01
Trust: 3.5
db:BIDid:107178
Trust: 2.1
db:CNNVDid:CNNVD-201902-943
Trust: 0.9
db:CNVDid:CNVD-2019-06058
Trust: 0.8
db:JVNDBid:JVNDB-2019-002342
Trust: 0.8
db:AUSCERTid:ESB-2019.0597
Trust: 0.6
db:IVDid:968D3D57-4F83-4A50-9BEC-32450036E0E1
Trust: 0.2
db:VULHUBid:VHN-157998
Trust: 0.1
db:VULMONid:CVE-2019-6563
Trust: 0.1
sources:
            
            
            IVD: 968d3d57-4f83-4a50-9bec-32450036e0e1 // 
            
            
            
            CNVD: CNVD-2019-06058 // 
            
            
            
            VULHUB: VHN-157998 // 
            
            
            
            VULMON: CVE-2019-6563 // 
            
            
            
            BID: 107178 // 
            
            
            
            JVNDB: JVNDB-2019-002342 // 
            
            
            
            CNNVD: CNNVD-201902-943 // 
            
            
            
            NVD: CVE-2019-6563

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-19-057-01
Trust: 3.6
url:http://www.securityfocus.com/bid/107178
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2019-6563
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6563
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-057-01
Trust: 0.6
url:https://www.auscert.org.au/bulletins/76138
Trust: 0.6
url:http://www.moxastore.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/916.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-06058 // 
            
            
            
            VULHUB: VHN-157998 // 
            
            
            
            VULMON: CVE-2019-6563 // 
            
            
            
            BID: 107178 // 
            
            
            
            JVNDB: JVNDB-2019-002342 // 
            
            
            
            CNNVD: CNNVD-201902-943 // 
            
            
            
            NVD: CVE-2019-6563

CREDITS
Ivan B, Sergey Fedonin, and Vyacheslav Moskvin of Positive Technologies Security reported these vulnerabilities to NCCIC.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-943

SOURCES
db:IVDid:968d3d57-4f83-4a50-9bec-32450036e0e1
db:CNVDid:CNVD-2019-06058
db:VULHUBid:VHN-157998
db:VULMONid:CVE-2019-6563
db:BIDid:107178
db:JVNDBid:JVNDB-2019-002342
db:CNNVDid:CNNVD-201902-943
db:NVDid:CVE-2019-6563

LAST UPDATE DATE
2024-11-23T21:52:28.266000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-06058date:2019-03-04T00:00:00
db:VULHUBid:VHN-157998date:2020-10-05T00:00:00
db:VULMONid:CVE-2019-6563date:2020-10-05T00:00:00
db:BIDid:107178date:2019-02-26T00:00:00
db:JVNDBid:JVNDB-2019-002342date:2019-04-08T00:00:00
db:CNNVDid:CNNVD-201902-943date:2020-10-09T00:00:00
db:NVDid:CVE-2019-6563date:2024-11-21T04:46:42.157

SOURCES RELEASE DATE
db:IVDid:968d3d57-4f83-4a50-9bec-32450036e0e1date:2019-03-04T00:00:00
db:CNVDid:CNVD-2019-06058date:2019-03-04T00:00:00
db:VULHUBid:VHN-157998date:2019-03-05T00:00:00
db:VULMONid:CVE-2019-6563date:2019-03-05T00:00:00
db:BIDid:107178date:2019-02-26T00:00:00
db:JVNDBid:JVNDB-2019-002342date:2019-04-08T00:00:00
db:CNNVDid:CNNVD-201902-943date:2019-02-26T00:00:00
db:NVDid:CVE-2019-6563date:2019-03-05T20:29:00.547