2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-44564" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2022-01-06T12:15:08.190" ,
"lastModified" : "2022-01-14T16:46:31.343" ,
"vulnStatus" : "Analyzed" ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products)."
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad de seguridad reportada originalmente en el producto SYNC2101, y aplicable a subfamilias espec\u00edficas de dispositivos SYNC, permite a un atacante descargar el archivo de configuraci\u00f3n usado en el dispositivo y aplicar un archivo de configuraci\u00f3n modificado al dispositivo. El ataque requiere el acceso a la red del dispositivo SYNC y el conocimiento de su direcci\u00f3n IP. El ataque aprovecha el canal de comunicaci\u00f3n no seguro usado entre la herramienta de administraci\u00f3n Easyconnect y el dispositivo SYNC (en la familia de productos SYNC afectados)."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 8.1 ,
"baseSeverity" : "HIGH"
} ,
"exploitabilityScore" : 2.2 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 6.8
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync241-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B1AA2BC-CA0A-4028-90D1-547CB0031389"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync241-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "88D85FB1-6FF7-4D55-A26A-352B7EB03722"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync241-m2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "72558BCA-8D30-4842-BA8A-51BB4D26915C"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync241-m2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "911A0B2D-5290-42C5-9877-160B20F4D9AD"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync241-m4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "32E82DDF-D777-44DC-8FBF-C3F04663F9A9"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync241-m4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "D39E14B2-2C63-42FE-ABF3-6016E4F41432"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync261-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E3B18F41-ED50-42D3-B9D4-3DEF640EE228"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync261-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "FFFF582F-D51E-428A-B00E-1F8519FC609A"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2000-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A971040A-55A6-4833-8750-AF1870452FD6"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2000-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "F52CE9C4-7586-4342-8EB4-4F8E6E514A69"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2000-m2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EEA1AC32-480A-4FF1-8A01-5B59B2D5C139"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2000-m2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "AE688854-F15C-4617-BBF5-ABB08CD8304C"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2000-m4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "06578C60-4641-4B0D-8CD3-C1F10A56C1E8"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2000-m4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "D164D066-98FB-4326-9BCE-D1AC32F02011"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2101-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "74E4360A-504B-46DE-B94A-6055B16AA697"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2101-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "317C3804-E08B-4EC3-9DCA-C34758A6488F"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2101-m2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "615A140F-1611-4170-BE74-E0A8AFA1E1F8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2101-m2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F5C62DCF-E364-4EA1-B82C-531BDB45570A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2101-m6_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "EAC44331-522B-49A7-BC5E-DD3A072F9453"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2101-m6:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E1AC7FC0-6572-463D-A325-51AC5B7F8E6C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2101-m7_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "DAB56747-F98E-4064-A228-8C383384702B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2101-m7:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4F70EF2-3CDA-40C0-8683-19D74C202ACF"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2101-m8_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "A7FD3B17-A78B-4CCD-965C-29DCEAFB41FC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2101-m8:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "231542BD-36DD-4B36-A8A9-9E4FA740E04B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2111-m2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "64050E57-2E3A-4752-90FC-4F0415F83641"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2111-m2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49E004F8-D287-43A2-AF98-0269DAA3DA24"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync2111-m3_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "6C7FE851-E9D8-4ADE-A57A-D869BB8CF386"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync2111-m3:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "550A1D61-948A-48CE-9900-CE86FE2E3347"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync3000-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "D05C9788-A6D1-458B-A926-706FCD175FEB"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync3000-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F51E3F9-E8D7-4BF6-B435-F6926B4E2A6B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync3000-m2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "F410F404-6ECA-4303-94B3-D223D78B85F8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync3000-m2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F0595CA0-9FAA-4FA2-8598-E6C5BE144055"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync3000-m3_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "F141A804-2F76-4AC3-8872-3AF1A7E0257F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync3000-m3:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1D704951-FA3B-4829-96A2-5EA36075DFF8"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync3000-m4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "626BCE19-E438-4ADE-9771-671B687FF0C8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync3000-m4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "727E9705-10AF-4889-823A-7EFC7C520410"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync3000-m12_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "9BDF76E6-3116-4AD2-BF74-E05757779507"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync3000-m12:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "120D54D9-B91A-405E-834C-4091C333541C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:kalkitech:sync221-m1_firmware:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.15.3" ,
"matchCriteriaId" : "E5665FBD-37BE-4F60-B6B4-D67C1798B3B3"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:kalkitech:sync221-m1:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "735A8425-DA8A-4787-BBD5-1CBE83421D1E"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://www.kalkitech.com/cybersecurity/" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
}
]
}
