| |
Vulnerability CVE-2021-23861
Published: 2021-12-08
Description: |
By executing a special command, an user with administrative rights can get access to extended debug functionality on the VRM allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed. |
Type:
CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))
CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5.5/10 |
4.9/10 |
8/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
Partial |
References: |
https://psirt.bosch.com/security-advisories/bosch-sa-043434-bt.html
|
|
|
Copyright 2024, cxsecurity.com
|
|
|