CVE-2023-3336

Summary

TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.

Affected Software

VendorProductVersion RangeStatus
MoxaTN-5900 Series1.0 <= 3.3affected

Weaknesses

  • CWE-204: CWE-204 Observable Response Discrepancy

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References