Vulnerability Details CVE-2022-40693
A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.4%
CVSS Severity
CVSS v3 Score 5.9
References
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1616
- https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1616
- https://www.moxa.com/en/support/product-support/security-advisory/sds-3008-series-multiple-web-vulnerabilities
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1616
Products affected by CVE-2022-40693
-
cpe:2.3:h:moxa:sds-3008-t:-
-
cpe:2.3:h:moxa:sds-3008:-
-
cpe:2.3:o:moxa:sds-3008-t_firmware:*
-
cpe:2.3:o:moxa:sds-3008_firmware:*