ID
VAR-202105-0273
CVE
CVE-2020-27149
TITLE
NPort IA5150A/IA5250A Vulnerabilities in the series
Trust: 0.8
sources:
JVNDB: JVNDB-2020-016743
DESCRIPTION
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed. NPort IA5150A/IA5250A There are unspecified vulnerabilities in the series.Information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Trust: 2.25
sources:
NVD: CVE-2020-27149 //
JVNDB: JVNDB-2020-016743 //
CNNVD: CNNVD-202104-975 //
VULMON: CVE-2020-27149
AFFECTED PRODUCTS
| vendor: | moxa | model: | nport ia5150a | scope: | lt | version: | 1.5 | Trust: 1.0 |
| vendor: | moxa | model: | nport ia5450a | scope: | lt | version: | 2.0 | Trust: 1.0 |
| vendor: | moxa | model: | nport ia5250a | scope: | lt | version: | 1.5 | Trust: 1.0 |
| vendor: | moxa | model: | nport ia5450a シリーズ | scope: | - | version: | - | Trust: 0.8 |
| vendor: | moxa | model: | nport ia5250a シリーズ | scope: | - | version: | - | Trust: 0.8 |
| vendor: | moxa | model: | nport ia5150a シリーズ | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-016743 //
NVD: CVE-2020-27149
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULMON: CVE-2020-27149 //
JVNDB: JVNDB-2020-016743 //
CNNVD: CNNVD-202104-975 //
CNNVD: CNNVD-202104-2046 //
NVD: CVE-2020-27149
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | Lack of information (CWE-noinfo) [NVD Evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-016743 //
NVD: CVE-2020-27149
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202104-2046
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202104-975
PATCH
| title: | NPort IA5000A Series Serial Device Servers Vulnerabilities | url: | https://www.moxa.com/en/support/product-support/security-advisory/nport-ia5000a-serial-device-servers-vulnerabilities | Trust: 0.8 |
| title: | MOXA NPort IA5150A Fixes for access control error vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151547 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-016743 //
CNNVD: CNNVD-202104-2046
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-27149 | Trust: 3.3 |
| db: | JVNDB | id: | JVNDB-2020-016743 | Trust: 0.8 |
| db: | CS-HELP | id: | SB2021041363 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202104-975 | Trust: 0.6 |
| db: | CS-HELP | id: | SB2021042809 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202104-2046 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2020-27149 | Trust: 0.1 |
sources:
VULMON: CVE-2020-27149 //
JVNDB: JVNDB-2020-016743 //
CNNVD: CNNVD-202104-975 //
CNNVD: CNNVD-202104-2046 //
NVD: CVE-2020-27149
REFERENCES
| url: | https://www.moxa.com/en/support/product-support/security-advisory/nport-ia5000a-serial-device-servers-vulnerabilities | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-27149 | Trust: 1.4 |
| url: | https://ics-cert.kaspersky.com/advisories/klcert-advisories/2021/05/11/klcert-20-018 | Trust: 1.4 |
| url: | https://ics-cert.kaspersky.com/advisories/klcert-advisories/2021/05/11/klcert-20-018%2c | Trust: 1.0 |
| url: | https://www.cybersecurity-help.cz/vdb/sb2021041363 | Trust: 0.6 |
| url: | https://www.cybersecurity-help.cz/vdb/sb2021042809 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/.html | Trust: 0.1 |
| url: | https://ics-cert.kaspersky.com/advisories/klcert-advisories/2021/05/11/klcert-20-018, | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULMON: CVE-2020-27149 //
JVNDB: JVNDB-2020-016743 //
CNNVD: CNNVD-202104-975 //
CNNVD: CNNVD-202104-2046 //
NVD: CVE-2020-27149
SOURCES
| db: | VULMON | id: | CVE-2020-27149 |
| db: | JVNDB | id: | JVNDB-2020-016743 |
| db: | CNNVD | id: | CNNVD-202104-975 |
| db: | CNNVD | id: | CNNVD-202104-2046 |
| db: | NVD | id: | CVE-2020-27149 |
LAST UPDATE DATE
2024-08-14T12:04:38.182000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2020-27149 | date: | 2021-05-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-016743 | date: | 2022-01-25T07:27:00 |
| db: | CNNVD | id: | CNNVD-202104-975 | date: | 2021-04-14T00:00:00 |
| db: | CNNVD | id: | CNNVD-202104-2046 | date: | 2021-05-24T00:00:00 |
| db: | NVD | id: | CVE-2020-27149 | date: | 2023-11-07T03:20:50.013 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2020-27149 | date: | 2021-05-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-016743 | date: | 2022-01-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-202104-975 | date: | 2021-04-13T00:00:00 |
| db: | CNNVD | id: | CNNVD-202104-2046 | date: | 2021-04-28T00:00:00 |
| db: | NVD | id: | CVE-2020-27149 | date: | 2021-05-14T12:15:07.730 |