CVE-2016-8372

Published: Feb 13, 2017Modified: May 13, 2026

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.

Affected (6)

Products: Moxa: Iologik E1200 Series Firmware, Iologik E2200 Series Firmware

Moxa

2 products

Iologik E1200 Series Firmware

Iologik E2200 Series Firmware

Configuration A

1 vulnerable · 7 platform

Vulnerable Software	Affected Versions
Moxa Iologik E1200 Series Firmware	Up to 2.4

Running on/with	Platform Versions
Moxa Iologik E1210	All versions
Moxa Iologik E1212	All versions
Moxa Iologik E1214	All versions
Moxa Iologik E1241	All versions
Moxa Iologik E1242	All versions
Moxa Iologik E1260	All versions
Moxa Iologik E1262	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Moxa Iologik E1200 Series Firmware	Up to 2.3

Running on/with	Platform Versions
Moxa Iologik E1211	All versions
Moxa Iologik E1240	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Moxa Iologik E1200 Series Firmware	Up to 2.5

Running on/with	Platform Versions
Moxa Iologik E1213	All versions

Configuration D

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Moxa Iologik E2200 Series Firmware	Up to 3.11

Running on/with	Platform Versions
Moxa Iologik E2214	All versions
Moxa Iologik E2240	All versions
Moxa Iologik E2242	All versions
Moxa Iologik E2262	All versions

Configuration E

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Moxa Iologik E2200 Series Firmware	Up to 3.12

Running on/with	Platform Versions
Moxa Iologik E2210	All versions
Moxa Iologik E2260	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Moxa Iologik E2200 Series Firmware	Up to 3.13

Running on/with	Platform Versions
Moxa Iologik E2212	All versions

Related CWEs

CWE-255

References (4)

http://www.securityfocus.com/bid/93550

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/93550

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-16-287-05

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.