{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T15:08:52.860","vulnerabilities":[{"cve":{"id":"CVE-2019-10963","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2019-10-08T19:15:09.900","lastModified":"2024-11-21T04:20:15.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated attacker to be able to retrieve some log files from the device, which may allow sensitive information disclosure. Log files must have previously been exported by a legitimate user."},{"lang":"es","value":"Moxa EDR 810, todas las versiones 5.1 y anteriores, permite a un atacante no autenticado poder recuperar algunos archivos de registro del dispositivo, lo que puede permitir la divulgación de información confidencial. Los archivos de registro deben haber sido previamente exportados por un usuario legítimo."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-321"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:moxa:edr-810_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1","matchCriteriaId":"A28DDE8C-B6D2-49CD-86D0-7B4DB121C642"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:moxa:edr-810:-:*:*:*:*:*:*:*","matchCriteriaId":"2A6BD14C-FD19-4AF7-A221-91B1A49C0A58"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html","source":"ics-cert@hq.dhs.gov","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-19-274-03","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://packetstormsecurity.com/files/154943/Moxa-EDR-810-Command-Injection-Information-Disclosure.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-19-274-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}