CVE-2021-27734

Published: May 17, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Hirschmann HiOS 07.1.01, 07.1.02, and 08.1.00 through 08.5.xx and HiSecOS 03.3.00 through 03.5.01 allow remote attackers to change the credentials of existing users.

Affected (4)

Products: Belden: Hirschmann Hios, Hisecos

Belden

2 products

Hirschmann Hios

Hisecos

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Belden Hirschmann Hios	From 08.1.00 to 08.6.00
Belden Hirschmann Hios	Version 07.1.01
Belden Hirschmann Hios	Version 07.1.02
Belden Hisecos	From 03.3.00 to 03.5.01

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (2)

https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=12914&mediaformatid=50063&destinationid=10016

Source: cve@mitre.org

Vendor Advisory

https://dam.belden.com/dmm3bwsv3/assetstream.aspx?assetid=12914&mediaformatid=50063&destinationid=10016

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.