{ "id": "CVE-2021-25847", "sourceIdentifier": "cve@mitre.org", "published": "2021-05-10T11:15:07.903", "lastModified": "2021-05-18T20:02:33.230", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper validation of the length field of LLDP-MED TLV in userdisk/vport_lldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet." }, { "lang": "es", "value": "Una comprobaci\u00f3n inapropiada del campo de longitud de LLDP-MED TLV en el archivo userdisk/vport_lldpd en Moxa Camera VPort 06EC-2V Series, versi\u00f3n 1.1, permite una divulgaci\u00f3n de informaci\u00f3n a los atacantes debido a la variable de contador de bucle controlable por medio de un paquete lldp dise\u00f1ado" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL" }, "exploitabilityScore": 3.9, "impactScore": 5.2 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 7.8, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-125" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v26m_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "7A045609-DB72-4D4E-96EB-F43A03E6AAE4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v26m:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AB3C716-2ECC-44B7-9AD9-7F198ABE7B24" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v36m-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "15F70B46-0F34-46DE-AE74-C7468E634285" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v36m-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "B868CC06-2F7F-4951-88BF-37488D52FC55" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v36m-ct_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "5E748BCD-CBB5-4FB2-9DE0-3B3B7E5304A5" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v36m-ct:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A2B0E14-196A-47C2-A721-7DBF15E5F06F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v36m-ct-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "73F035BE-103B-466D-8AC7-1CEF91072C4D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v36m-ct-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A855BB2-C047-452E-9DD9-2C3233FAB568" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v42m_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "8AF372A2-E2D2-40B4-8BA5-205C53CDAF40" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v42m:-:*:*:*:*:*:*:*", "matchCriteriaId": "729825E5-E15A-487B-9FDD-153ED5488BA9" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v42m-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "E8DCAC04-4AB7-47B8-A9F7-92EB8D4B4E81" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v42m-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "D940BF75-4F82-4D20-991E-BD4EB0F4ED1C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v42m-ct_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "2AC04DAF-F491-4934-96FD-F86D51C81428" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v42m-ct:-:*:*:*:*:*:*:*", "matchCriteriaId": "1989369B-A59E-4281-8896-5EC6C6B035A7" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v42m-ct-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "E932C821-8B10-409C-BB75-839314C51799" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v42m-ct-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EAB1E29-5138-4BDA-A314-4BCA75599600" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v60m_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "A92C31E4-45BB-4598-AB2C-BDA3BC8FF0A1" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v60m:-:*:*:*:*:*:*:*", "matchCriteriaId": "65C52196-9B1A-45BC-B14F-E2A1D7DDCDE8" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v60m-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "B51442C2-72B1-4A5D-A6F2-DB41B8FE1219" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v60m-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C7E4C20-9544-4B83-8113-36F4AC9D55CD" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v60m-ct_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "C9D8EDFF-ED6D-452C-9BC9-80C678DF074F" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v60m-ct:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF751858-BDA7-4771-80D1-72106C418C96" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v60m-ct-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "34990DFD-AB95-4A6D-A480-BC68001D4965" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v60m-ct-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE0C80E-8849-4271-90F6-813371C84AE8" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v80m_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "A696CAEC-DF2A-4316-B7D6-1D7F841692E0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v80m:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DBA1F22-198C-4DCB-9A82-D7B350B27B33" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v80m-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "2FB44FAB-EFE6-4D98-AFDD-7E466D1CC356" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v80m-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "442FAF51-C13B-47B9-BC98-287778244A55" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v80m-ct_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "73BCB213-2D83-40D2-913B-5331BEFFC53C" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v80m-ct:-:*:*:*:*:*:*:*", "matchCriteriaId": "89117711-F723-4AC6-AB0E-40B71CDB3E0F" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:moxa:vport_06ec-2v80m-ct-t_firmware:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.1", "matchCriteriaId": "B5097591-8E80-42D1-A14A-5DD8EBF75EC0" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:moxa:vport_06ec-2v80m-ct-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "E07DB8C8-41D7-462E-9AFD-C28ACBB3E0F5" } ] } ] } ], "references": [ { "url": "https://www.moxa.com/en/", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://www.moxa.com/en/support/product-support/security-advisory/vport-06ec-2v-series-ip-cameras-vulnerabilities", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }