CVE-2019-6563

Critical

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password,…

icscert·CWE-341·Published 2019-03-05

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

190 chars

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.

NVDen

190 chars

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device.

Moxa IKS y EDS generan una cookie predecible calculada con un hash MD5, lo que permite que un atacante capture la contraseña del administrador. Esto podría conducir al compromiso total del dispositivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H