Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-20599
HistoryOct 14, 2021 - 3:15 p.m.

CVE-2021-20599

2021-10-1415:15:08
CWE-319
CWE-639
[email protected]
web.nvd.nist.gov
5
cleartext transmission
sensitive information
melsec iq-r series
safety cpu
sil2 process cpu
remote attacker

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

69.5%

JSON

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions “26” and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions “11” and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password.

Affected configurations

Nvd
Node
mitsubishielectricr08sfcpu_firmware
AND
mitsubishielectricr08sfcpuMatch-
Node
mitsubishielectricr16sfcpu_firmware
AND
mitsubishielectricr16sfcpuMatch-
Node
mitsubishielectricr32sfcpu_firmware
AND
mitsubishielectricr32sfcpuMatch-
Node
mitsubishielectricr120sfcpu_firmware
AND
mitsubishielectricr120sfcpuMatch-
Node
mitsubishielectricr08psfcpu_firmware
AND
mitsubishielectricr08psfcpuMatch-
Node
mitsubishielectricr16psfcpu_firmware
AND
mitsubishielectricr16psfcpuMatch-
Node
mitsubishielectricr32psfcpu_firmware
AND
mitsubishielectricr32psfcpuMatch-
Node
mitsubishielectricr120psfcpu_firmware
AND
mitsubishielectricr120psfcpuMatch-
VendorProductVersionCPE
mitsubishielectricr08sfcpu_firmware*cpe:2.3:o:mitsubishielectric:r08sfcpu_firmware:*:*:*:*:*:*:*:*
mitsubishielectricr08sfcpu-cpe:2.3:h:mitsubishielectric:r08sfcpu:-:*:*:*:*:*:*:*
mitsubishielectricr16sfcpu_firmware*cpe:2.3:o:mitsubishielectric:r16sfcpu_firmware:*:*:*:*:*:*:*:*
mitsubishielectricr16sfcpu-cpe:2.3:h:mitsubishielectric:r16sfcpu:-:*:*:*:*:*:*:*
mitsubishielectricr32sfcpu_firmware*cpe:2.3:o:mitsubishielectric:r32sfcpu_firmware:*:*:*:*:*:*:*:*
mitsubishielectricr32sfcpu-cpe:2.3:h:mitsubishielectric:r32sfcpu:-:*:*:*:*:*:*:*
mitsubishielectricr120sfcpu_firmware*cpe:2.3:o:mitsubishielectric:r120sfcpu_firmware:*:*:*:*:*:*:*:*
mitsubishielectricr120sfcpu-cpe:2.3:h:mitsubishielectric:r120sfcpu:-:*:*:*:*:*:*:*
mitsubishielectricr08psfcpu_firmware*cpe:2.3:o:mitsubishielectric:r08psfcpu_firmware:*:*:*:*:*:*:*:*
mitsubishielectricr08psfcpu-cpe:2.3:h:mitsubishielectric:r08psfcpu:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

Related

prion 1
vulnrichment 1
cve 1
cvelist 1
nessus 1
ics 1
prion
prion
Default credentials
2021-10-14 15:15:00
vulnrichment
vulnrichment
CVE-2021-20599
2021-10-14 00:00:00
cve
cve
CVE-2021-20599
2021-10-14 15:15:08
cvelist
cvelist
CVE-2021-20599
2021-10-14 00:00:00
nessus
nessus
Mitsubishi Electric MELSEC iQ-R Series Cleartext Transmission of Sensitive Information (CVE-2021-20599)
2022-02-07 00:00:00
ics
ics
Mitsubishi Electric MELSEC iQ-R Series (Update B)
2024-04-18 12:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

69.5%

JSON
Related for NVD:CVE-2021-20599
prion1vulnrichment1cve1cvelist1nessus1ics1