How severe is CVE-2021-46279?

CVE-2021-46279 has a CVSS v3 score of 5.8 (MEDIUM).

CVE-2021-46279

Name: iac-ast2500a
Author: lannerinc

5.8MEDIUM

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware

Published: 10/24/2022Updated: 11/21/2024

Description

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

AI AnalysisPowered by AI

Affected Products

lannerinciac-ast2500a_firmware

1.10.0

lannerinciac-ast2500a

References

https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279/
Third Party Advisory
https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279/
Third Party Advisory