{"containers": {"cna": {"affected": [{"product": "Moxa NPort 5110, 5130, and 5150", "vendor": "n/a", "versions": [{"status": "affected", "version": "Moxa NPort 5110, 5130, and 5150"}]}], "datePublic": "2017-11-16T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availability of the device."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-74", "description": "CWE-74", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-11-21T10:57:01.000Z", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"name": "101885", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101885"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2017-16719", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Moxa NPort 5110, 5130, and 5150", "version": {"version_data": [{"version_value": "Moxa NPort 5110, 5130, and 5150"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availability of the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-74"}]}]}, "references": {"reference_data": [{"name": "101885", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101885"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:35:19.967Z"}, "title": "CVE Program Container", "references": [{"name": "101885", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101885"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2017-16719", "datePublished": "2017-11-16T21:00:00.000Z", "dateReserved": "2017-11-09T00:00:00.000Z", "dateUpdated": "2024-08-05T20:35:19.967Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DA640858-27A0-474E-A90C-AF61EB5D07D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F1EEFB08-1A1C-41E0-9A9A-DE88F82D97CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "B4ABA135-2EB9-47A1-AFE9-1EAA96BAD220", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:nport_5110_firmware:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "C34FCCC1-FD11-4734-BEAB-1577510DDA21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5110:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9D28B00-C0BD-4B70-B871-9D18F37DCBE9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5130_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D10C4E5F-1F08-409D-BECA-115BC44D4E56", "versionEndIncluding": "3.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5130:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5507650-F3BF-45AF-AA54-06CF3EAF7DDB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:nport_5150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E00EAC-F4D4-47F7-825C-35F9722DB51D", "versionEndIncluding": "3.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:nport_5150:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CD7B68B-128D-4AB0-AE9E-A8B9329D67C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to inject packets that could potentially disrupt the availability of the device."}, {"lang": "es", "value": "Se descubri\u00f3 una vulnerabilidad de inyecci\u00f3n en Moxa NPort 5110 2.2, NPort 5110 2.4, NPort 5110 2.6, NPort 5110 2.7, NPort 5130 3.7 y anteriores, y NPort 5150 3.7 y anteriores. Un atacante podr\u00eda inyectar paquetes que pudieran interrumpir la disponibilidad del dispositivo."}], "id": "CVE-2017-16719", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-16T21:29:00.373", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101885"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101885"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}