2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-27422" ,
"sourceIdentifier" : "ics-cert@hq.dhs.gov" ,
"published" : "2022-03-23T20:15:08.367" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T05:57:57.480" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication."
} ,
{
"lang" : "es" ,
"value" : "GE UR versiones de firmware anteriores a versi\u00f3n 8.1x, admiten la interfaz del servidor web en la UR a trav\u00e9s del protocolo HTTP. Permite una exposici\u00f3n de informaci\u00f3n confidencial sin autenticaci\u00f3n"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-12-08 03:06:42 +00:00
"source" : "ics-cert@hq.dhs.gov" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
} ,
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
2024-12-08 03:06:42 +00:00
"source" : "ics-cert@hq.dhs.gov" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-12-08 03:06:42 +00:00
"value" : "CWE-200"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
2024-12-08 03:06:42 +00:00
"value" : "CWE-319"
2023-04-24 12:24:31 +02:00
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "971B98BB-125D-4D3F-8B54-09C6ECBEFC46"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9AEAC84B-ED36-4D41-8CDC-84B30294667F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "F0DD7078-54B7-4908-B041-C389601FFE54"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8F9FE28C-1F33-4ECA-9004-B46912A1D8D8"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "1A9D29A9-8351-48E0-BFCF-21945F586C51"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F14E4B7C-E38E-4877-9EB6-BE496CFBB8D4"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "6AEDFEAA-FF6B-40AE-988D-96B37E6F7A15"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5F2E81E6-B718-4809-8D30-3074B0FB7239"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "A6A8BC17-2B8A-4FCD-AED4-D60DBFA2CCAC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AFD919B5-753E-40A8-8B14-BD0BA28386C7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "A3506446-AF0D-4AC4-8C0A-5616D27C267B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9226C470-365B-4CFF-B1FF-326EA82E9C16"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "B0E5D2F8-AA89-44E3-9316-E28357E525D8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1CFC93A6-7FAB-4057-A962-6A9C8F0FD3DA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "C86C0AEE-795B-45B1-A917-00A355EC25CD"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B66B913C-6D8A-4B5E-92AF-0ABE67195C47"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "D151332D-37C7-4F7B-A30E-EB7F927B905D"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "313C6A1D-B50A-40C5-8553-68F21DFEDDDC"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "D2E9423B-F49D-4AF7-8275-3216D615F279"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BC9965C1-9B3C-4B8A-8643-43678B5A6643"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "2447F208-815E-44D2-91BC-7BFCFC85C977"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "20A13929-C8B5-49E0-9F5C-EA443413C584"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "2DE2725C-8778-479D-8743-F62B5763931D"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FF00D002-3C82-47B1-B585-DB91F33CEECC"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "34B1A2B8-B43B-4CCD-886A-0487C09E5279"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F716F53-3AC6-41C6-A894-9712A8AFE58C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "58A5CD1D-27C0-4D14-9FBE-A8C74BD9737B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7BFF5085-6713-41FA-93D5-65AE4C8F8AD1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "E0B3453A-1B71-4ADD-8AC3-5D5436EAD879"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5431E320-7E3A-4BD3-B33A-3345CF20B20D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "80DE8022-6349-4E53-B97B-AFAD1685E40E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2217A440-FADD-40ED-A933-F3DBCF36E116"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "51F57944-8FDB-4541-A6ED-BF6D40916786"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B7B0753-62C7-4972-AD22-FC3E31A5218F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "B97E0654-4407-48CE-BC07-E2385E86B65A"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5E75BD31-3057-42F4-BD1B-C68C797F39DF"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "8.10" ,
"matchCriteriaId" : "10F68AE0-E4FC-4357-A619-B0B990FDC708"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "314AA92C-5B56-475A-B65F-CF597CEBFB38"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02" ,
"source" : "ics-cert@hq.dhs.gov" ,
"tags" : [
"Mitigation" ,
"Third Party Advisory" ,
"US Government Resource"
]
} ,
{
"url" : "https://www.gegridsolutions.com/Passport/Login.aspx" ,
"source" : "ics-cert@hq.dhs.gov" ,
"tags" : [
"Permissions Required" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Mitigation" ,
"Third Party Advisory" ,
"US Government Resource"
]
} ,
{
"url" : "https://www.gegridsolutions.com/Passport/Login.aspx" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Permissions Required" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
