How severe is CVE-2021-34574?

CVE-2021-34574 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2021-34574

Name: myrex24.virtual
Author: helmholz

4.3MEDIUM

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new passw

Published: 8/2/2021Updated: 11/21/2024

Description

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.

AI AnalysisPowered by AI

Affected Products

mbconnectlinembconnect24

mbconnectlinemymbconnect24

helmholzmyrex24

helmholzmyrex24.virtual

References

https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory