CVE-2019-6520
N/A
N/A
Summary
Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ICS-CERT | Moxa IKS, EDS | IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior | affected |
Weaknesses
- CWE-284: Improper access control CWE-284
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.