CVE-2021-34578 WAGO: Authentication Vulnerability in Web-Based Management

🗓️ 31 Aug 2021 10:33:01Reported by CERTVDEType

Authentication vulnerability in WAGO PLC

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2021-34578	31 Aug 202114:33	–	circl
CNNVD	WAGO 授权问题漏洞	31 Aug 202100:00	–	cnnvd
CVE	CVE-2021-34578	31 Aug 202110:33	–	cve
EUVD	EUVD-2021-21228	7 Oct 202500:30	–	euvd
NVD	CVE-2021-34578	31 Aug 202111:15	–	nvd
OSV	CVE-2021-34578	31 Aug 202111:15	–	osv
Prion	Authentication flaw	31 Aug 202111:15	–	prion
Tenable Nessus	Wago 750-36X & 750-8XX Improper Authentication (CVE-2021-34578)	21 Jul 202200:00	–	nessus

[
  {
    "product": "PLC",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-362",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-363",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-823",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-832/xxx-xxx",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-862",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-891",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-890/xxx-xxx",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "FW07",
        "status": "affected",
        "version": "750-893",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cert	www.cert.vde.com/en-us/advisories/vde-2020-044

31 Aug 2021 10:33Current

9.7High risk

Vulners AI Score9.7

CVSS 3.19.8

EPSS0.00963

CWE-287