CVE-2017-12127 MEDIUM

CVE-2017-12127

Vendor Talos
Product Moxa
Published May 14, 2018
Last update September 17, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.

Key dates

02Disclosure timeline

May 14, 2018 CVE published
September 17, 2024 Record updated