CVE-2021-27450

Published: Mar 25, 2021Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1).

Affected (1)

Products: Ge: Mu320e Firmware

1 product

Mu320e Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ge Mu320e Firmware	Before 04a00.1

Running on/with	Platform Versions
Ge Mu320e	All versions

Related CWEs

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (2)

https://us-cert.cisa.gov/ics/advisories/icsa-21-082-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://us-cert.cisa.gov/ics/advisories/icsa-21-082-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.