CVE-2021-46082 - OpenCVE

Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Moxa	Mgate 5109 Firmware Tn-5916-wv-t Firmware Mgate 5101-pbm-mn Firmware Mgate 5109-t Mgate 5101-pbm-mn Mgate 5109 Mgate 5101-pbm-mn-t Firmware Tn-5916-wv-ct-t Tn-5916-wv-t Tn-5916-wv-ct-t Firmware Mgate 5109-t Firmware Mgate 5101-pbm-mn-t

Configuration 1 [-]

AND

cpe:2.3:o:moxa:tn-5916-wv-t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:tn-5916-wv-t:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:moxa:tn-5916-wv-ct-t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:tn-5916-wv-ct-t:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:moxa:mgate_5109_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:mgate_5109:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:moxa:mgate_5109-t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:mgate_5109-t:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:moxa:mgate_5101-pbm-mn_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:mgate_5101-pbm-mn:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:moxa:mgate_5101-pbm-mn-t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:moxa:mgate_5101-pbm-mn-t:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.moxa.com/en/support/product-support/security-advisory/mgate-5109-5101-protocol-gateways-vulnerability	Patch Vendor Advisory
https://www.moxa.com/en/support/product-support/security-advisory/tn-5900-secure-routers-vulnerability	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-02-18T19:54:13

Updated: 2022-02-18T19:54:13

Reserved: 2022-01-03T00:00:00

Link: CVE-2021-46082

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-02-18T20:15:11.533

Modified: 2022-02-26T03:42:13.027

Link: CVE-2021-46082

JSON object: View

Redhat Information

No data.

CWE

CWE-401

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-18T19:54:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-5109-5101-protocol-gateways-vulnerability"}, {"tags": ["x_refsource_MISC"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/tn-5900-secure-routers-vulnerability"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-46082", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-5109-5101-protocol-gateways-vulnerability", "refsource": "MISC", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-5109-5101-protocol-gateways-vulnerability"}, {"name": "https://www.moxa.com/en/support/product-support/security-advisory/tn-5900-secure-routers-vulnerability", "refsource": "MISC", "url": "https://www.moxa.com/en/support/product-support/security-advisory/tn-5900-secure-routers-vulnerability"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-46082", "datePublished": "2022-02-18T19:54:13", "dateReserved": "2022-01-03T00:00:00", "dateUpdated": "2022-02-18T19:54:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:tn-5916-wv-t_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD5B5851-38A6-4804-A1B7-648ECF298F74", "versionEndIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:tn-5916-wv-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "8002FD38-5728-4F33-B226-C089160CFCBC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:tn-5916-wv-ct-t_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "10408164-2582-4C52-BD63-E2992603F9CC", "versionEndIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:tn-5916-wv-ct-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A14A700-3B99-4B1E-B840-CE4EA0BA7BC6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:mgate_5109_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "38741814-45D2-47CA-A7FF-C25DCBA5F22C", "versionEndIncluding": "2.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:mgate_5109:-:*:*:*:*:*:*:*", "matchCriteriaId": "007DDCE4-2833-4455-9F63-8F950F57CA81", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:mgate_5109-t_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B56520BB-8327-418D-9EE7-5C2875185E57", "versionEndIncluding": "2.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:mgate_5109-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "92068FD7-F13C-434B-9ABE-D4EC6F01456F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:mgate_5101-pbm-mn_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B414712-E6AB-4EAC-A463-292C650859AC", "versionEndIncluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:mgate_5101-pbm-mn:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8520741-E93C-4BB6-8381-29E007AB9D70", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:mgate_5101-pbm-mn-t_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "759A24D3-4871-4609-9451-B496D05A23F8", "versionEndIncluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:mgate_5101-pbm-mn-t:-:*:*:*:*:*:*:*", "matchCriteriaId": "65282419-FF14-41D8-9FBC-417AA03E1643", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Moxa TN-5900 v3.1 series routers, MGate 5109 v2.2 series protocol gateways, and MGate 5101-PBM-MN v2.1 series protocol gateways were discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via crafted packets."}, {"lang": "es", "value": "Se ha detectado que los enrutadores de la serie Moxa TN-5900 versi\u00f3n v3.1, las pasarelas de protocolo de la serie MGate 5109 versi\u00f3n v2.2 y las pasarelas de protocolo de la serie MGate 5101-PBM-MN versi\u00f3n v2.1, contienen una p\u00e9rdida de memoria que permite a atacantes causar una denegaci\u00f3n de servicio (DoS) por medio de paquetes dise\u00f1ados"}], "id": "CVE-2021-46082", "lastModified": "2022-02-26T03:42:13.027", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-18T20:15:11.533", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/mgate-5109-5101-protocol-gateways-vulnerability"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.moxa.com/en/support/product-support/security-advisory/tn-5900-secure-routers-vulnerability"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}