How severe is CVE-2016-8372?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2016-8372?

This is classified as CWE-255, which is a common weakness in software security.

CVE-2016-8372

HIGH Year: 2016

CVSS v3 Score

8.1

High

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-255

View all →

Vulnerability Description

An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. A password is transmitted in a format that is not sufficiently secure.

CVE-2015-7283

HIGH

CVSS:8.1(High)

The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative pri...

CWE-2552015

CVE-2016-10101

HIGH

CVSS:8.1(High)

Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Pas...

CWE-2552016

CVE-2016-10103

HIGH

CVSS:8.1(High)

Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GP...

CWE-2552016

CVE-2016-6904

HIGH

CVSS:8.1(High)

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication cre...

CWE-2552016

CVE-2018-6443

HIGH

CVSS:8.1(High)

A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocum...

CWE-2552018

CVE-2013-2951

HIGH

CVSS:7.8(High)

IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information...

CWE-2552013

CVE-2016-8372

Vulnerability Description

Related Vulnerabilities

CVE-2015-7283

CVE-2016-10101

CVE-2016-10103

CVE-2016-6904

CVE-2018-6443

CVE-2013-2951