Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-35979
HistoryOct 08, 2021 - 3:15 p.m.

CVE-2021-35979

2021-10-0815:15:08
CWE-306
[email protected]
web.nvd.nist.gov
4
digi realport
encrypted mode
vulnerability
man-in-the-middle
authentication

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

44.8%

JSON

An issue was discovered in Digi RealPort through 4.8.488.0. The ‘encrypted’ mode is vulnerable to man-in-the-middle attacks and does not perform authentication.

Affected configurations

Nvd
Node
digirealportRange1.9-40linux
OR
digirealportRange4.8.488.0windows
Node
digiconnectport_ts_8\/16Match-
AND
digiconnectport_ts_8\/16_firmware
Node
digiconnectport_lts_8\/16\/32Match-
AND
digiconnectport_lts_8\/16\/32_firmware
Node
digipassport_integrated_console_serverMatch-
AND
digipassport_integrated_console_server_firmware
Node
digicmMatch-
AND
digicm_firmware
Node
digiportserver_tsMatch-
AND
digiportserver_ts_firmware
Node
digiportserver_ts_meiMatch-
AND
digiportserver_ts_mei_firmware
Node
digiportserver_ts_mei_hardened_firmware
AND
digiportserver_ts_mei_hardenedMatch-
Node
digiportserver_ts_m_mei_firmware
AND
digiportserver_ts_m_meiMatch-
Node
digi6350-sr_firmware
AND
digi6350-srMatch-
Node
digiportserver_ts_p_mei_firmware
AND
digiportserver_ts_p_meiMatch-
Node
digitransport_wr11_xt_firmware
AND
digitransport_wr11_xtMatch-
Node
digione_iap_family_firmware
AND
digione_iap_familyMatch-
Node
digione_ia_firmware
AND
digione_iaMatch-
Node
digiwr31_firmware
AND
digiwr31Match-
Node
digiwr44_r_firmware
AND
digiwr44_rMatch-
Node
digiconnect_es_firmware
AND
digiconnect_esMatch-
Node
digiwr21_firmware
AND
digiwr21Match-
VendorProductVersionCPE
digirealport*cpe:2.3:a:digi:realport:*:*:*:*:*:linux:*:*
digirealport*cpe:2.3:a:digi:realport:*:*:*:*:*:windows:*:*
digiconnectport_ts_8\/16-cpe:2.3:h:digi:connectport_ts_8\/16:-:*:*:*:*:*:*:*
digiconnectport_ts_8\/16_firmware*cpe:2.3:o:digi:connectport_ts_8\/16_firmware:*:*:*:*:*:*:*:*
digiconnectport_lts_8\/16\/32-cpe:2.3:h:digi:connectport_lts_8\/16\/32:-:*:*:*:*:*:*:*
digiconnectport_lts_8\/16\/32_firmware*cpe:2.3:o:digi:connectport_lts_8\/16\/32_firmware:*:*:*:*:*:*:*:*
digipassport_integrated_console_server-cpe:2.3:h:digi:passport_integrated_console_server:-:*:*:*:*:*:*:*
digipassport_integrated_console_server_firmware*cpe:2.3:o:digi:passport_integrated_console_server_firmware:*:*:*:*:*:*:*:*
digicm-cpe:2.3:h:digi:cm:-:*:*:*:*:*:*:*
digicm_firmware*cpe:2.3:o:digi:cm_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 361

Related

cve 1
cvelist 1
cnvd 1
prion 1
cve
cve
CVE-2021-35979
2021-10-08 15:15:08
cvelist
cvelist
CVE-2021-35979
2021-10-08 14:21:22
cnvd
cnvd
Digi RealPort Licensing Issue Vulnerability
2021-10-11 00:00:00
prion
prion
Authentication flaw
2021-10-08 15:15:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

44.8%

JSON
Related for NVD:CVE-2021-35979
cve1cvelist1cnvd1prion1