admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-346xx/CVE-2021-34601.json

327 lines
10 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2021-34601",
"sourceIdentifier": "info@cert.vde.com",
"published": "2022-04-27T16:15:11.207",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"lastModified": "2024-11-21T06:10:47.640",
"vulnStatus": "Modified",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI."
},
{
"lang": "es",
"value": "En los controladores de carga Bender/ebee en m\u00faltiples versiones son propensos a Credenciales Embebidas. El controlador de carga CC612 de Bender en la versi\u00f3n 5.20.1 e inferior es propenso a credenciales ssh embebidas. Un atacante puede usar la contrase\u00f1a para conseguir acceso administrativo a la web-UI"
}
],
"metrics": {
"cvssMetricV31": [
{
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"source": "info@cert.vde.com",
"type": "Secondary",
bootstrap
2023-04-24 12:24:31 +02:00
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
bootstrap
2023-04-24 12:24:31 +02:00
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "HIGH"
bootstrap
2023-04-24 12:24:31 +02:00
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"source": "nvd@nist.gov",
"type": "Primary",
bootstrap
2023-04-24 12:24:31 +02:00
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
bootstrap
2023-04-24 12:24:31 +02:00
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "HIGH"
bootstrap
2023-04-24 12:24:31 +02:00
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 7.5,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "PARTIAL"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"source": "info@cert.vde.com",
"type": "Secondary",
bootstrap
2023-04-24 12:24:31 +02:00
"description": [
{
"lang": "en",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"value": "CWE-259"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
},
{
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"source": "nvd@nist.gov",
"type": "Primary",
bootstrap
2023-04-24 12:24:31 +02:00
"description": [
{
"lang": "en",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"value": "CWE-798"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:cc612_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.0",
"versionEndExcluding": "5.11.2",
"matchCriteriaId": "81AED2C8-71EE-4BFC-949C-D63F998CD1ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:cc612_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "609125CC-4748-4507-8CF2-1752FF89B203"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:cc612_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.0",
"versionEndExcluding": "5.13.2",
"matchCriteriaId": "C6FEC2C0-7F12-434A-9070-9A0F19379D25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:cc612_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.20.0",
"versionEndExcluding": "5.20.2",
"matchCriteriaId": "E80EBD0C-D852-4EF7-B0EA-89124683939C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bender:cc612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B48F3A5-C59D-40B6-ADBB-76FA536C78FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.0",
"versionEndExcluding": "5.11.2",
"matchCriteriaId": "4B078039-C644-42DE-8122-300415D69854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "D687057F-58C9-4463-BEF2-BE4CA428F9AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.0",
"versionEndExcluding": "5.13.2",
"matchCriteriaId": "88D208BE-6401-489E-BBE7-1ABBEB14CF52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.20.0",
"versionEndExcluding": "5.20.2",
"matchCriteriaId": "0B36AF92-1F52-45AA-BAAF-0D94EB0B2FF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bender:cc613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEFDDEB-23FB-474C-9A91-EDA35837D34B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.0",
"versionEndExcluding": "5.11.2",
"matchCriteriaId": "4B078039-C644-42DE-8122-300415D69854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "D687057F-58C9-4463-BEF2-BE4CA428F9AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.0",
"versionEndExcluding": "5.13.2",
"matchCriteriaId": "88D208BE-6401-489E-BBE7-1ABBEB14CF52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.20.0",
"versionEndExcluding": "5.20.2",
"matchCriteriaId": "0B36AF92-1F52-45AA-BAAF-0D94EB0B2FF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bender:cc613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEFDDEB-23FB-474C-9A91-EDA35837D34B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11.0",
"versionEndExcluding": "5.11.2",
"matchCriteriaId": "4B078039-C644-42DE-8122-300415D69854"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.12.0",
"versionEndExcluding": "5.12.5",
"matchCriteriaId": "D687057F-58C9-4463-BEF2-BE4CA428F9AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.13.0",
"versionEndExcluding": "5.13.2",
"matchCriteriaId": "88D208BE-6401-489E-BBE7-1ABBEB14CF52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bender:icc15xx_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.20.0",
"versionEndExcluding": "5.20.2",
"matchCriteriaId": "0B36AF92-1F52-45AA-BAAF-0D94EB0B2FF2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bender:cc613:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEFDDEB-23FB-474C-9A91-EDA35837D34B"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2021-047",
"source": "info@cert.vde.com",
"tags": [
"Vendor Advisory"
]
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2021-047",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink