CVE-2016-2283

MEDIUM

Moxa Ioadmin Firmware < 3.17 - Credentials Management

Title source: rule

Description

Moxa ioLogik E2200 devices before 3.12 and ioAdmin Configuration Utility before 3.18 do not properly encrypt data, which makes it easier for remote attackers to obtain the associated cleartext via unspecified vectors.

References (1)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-16-063-01

Scores

CVSS v3 5.3

EPSS 0.0032

EPSS Percentile 55.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-255

Status draft

Affected Products (2)

moxa/ioadmin_firmware < 3.17

moxa/iologik_firmware < 3.11

Timeline

Published Mar 04, 2016

Tracked Since Feb 18, 2026