Podatność CVE-2021-37184


Publikacja: 2021-09-14

Opis:
A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.

Typ:

CWE-639

(Authorization Bypass Through User-Controlled Key)

 Referencje:
https://cert-portal.siemens.com/productcert/pdf/ssa-692317.pdf

Copyright 2022, cxsecurity.com

 

Back to Top