Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-23857
HistoryOct 04, 2021 - 6:15 p.m.

CVE-2021-23857

2021-10-0418:15:07
CWE-287
CWE-836
[email protected]
web.nvd.nist.gov
4

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

70.2%

JSON

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.

Affected configurations

NVD
Node
boschrexroth_indramotion_mlc_l20_firmwareRange12
AND
boschrexroth_indramotion_mlc_l20Match-
Node
boschrexroth_indramotion_mlc_l40_firmwareRange12
AND
boschrexroth_indramotion_mlc_l40Match-
Node
boschrexroth_indramotion_mlc_l25_firmwareRange12
AND
boschrexroth_indramotion_mlc_l25Match-
Node
boschrexroth_indramotion_mlc_l45_firmwareRange12
AND
boschrexroth_indramotion_mlc_l45Match-
Node
boschrexroth_indramotion_mlc_l65_firmwareRange12
AND
boschrexroth_indramotion_mlc_l65Match-
Node
boschrexroth_indramotion_mlc_l75_firmwareRange12
AND
boschrexroth_indramotion_mlc_l75Match-
Node
boschrexroth_indramotion_mlc_l85_firmwareRange12
AND
boschrexroth_indramotion_mlc_l85Match-
Node
boschrexroth_indramotion_mlc_xm22_firmwareRange12
AND
boschrexroth_indramotion_mlc_xm22Match-
Node
boschrexroth_indramotion_mlc_xm21_firmwareRange12
AND
boschrexroth_indramotion_mlc_xm21Match-
Node
boschrexroth_indramotion_mlc_xm41_firmwareRange12
AND
boschrexroth_indramotion_mlc_xm41Match-
Node
boschrexroth_indramotion_mlc_xm42_firmwareRange12
AND
boschrexroth_indramotion_mlc_xm42Match-
Node
boschrexroth_indramotion_xlc_firmwareRange12
AND
boschrexroth_indramotion_xlcMatch-

Related

prion 2
cvelist 2
cve 2
nvd 1
cnvd 1
prion
prion
Default credentials
2021-10-04 18:15:00
Information disclosure
2021-10-04 18:15:00
cvelist
cvelist
CVE-2021-23857 Login with hash
2021-10-04 17:32:36
CVE-2021-23858 Information disclosure
2021-10-04 17:32:22
cve
cve
CVE-2021-23857
2021-10-04 18:15:07
CVE-2021-23858
2021-10-04 18:15:07
nvd
nvd
CVE-2021-23858
2021-10-04 18:15:07
cnvd
cnvd
Bosch Rexroth IndraMotion Mlc Licensing Issue Vulnerability
2021-10-09 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

70.2%

JSON
Related for NVD:CVE-2021-23857
prion2cvelist2cve2nvd1cnvd1