How severe is CVE-2021-34574?

CVE-2021-34574 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2021-34574

Name: myrex24.virtual
Author: helmholz

4.3MEDIUM

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new passw

Veröffentlicht: 8/2/2021Aktualisiert: 11/21/2024

Beschreibung

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.

KI-AnalyseKI-gestützt

Betroffene Produkte

mbconnectlinembconnect24

mbconnectlinemymbconnect24

helmholzmyrex24

helmholzmyrex24.virtual

Referenzen

https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory