Lucene search

MitreCVELIST:CVE-2021-42833

HistoryDec 16, 2021 - 12:00 a.m.

CVE-2021-42833 Use of hardcoded credentials impacting AquaView versions 1.60, 7.x, 8.x

2021-12-1600:00:00

mitre

www.cve.org

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that could allow an authenticated local attacker to manipulate users and system settings.

References

www.cisa.gov/uscert/ics/advisories/icsa-21-350-01

www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xpsa-aquaview-v5.0.pdf

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVELIST:CVE-2021-42833