How severe is CVE-2021-34574?

CVE-2021-34574 has a CVSS v3 score of 4.3 (MEDIUM).

CVE-2021-34574

Name: myrex24.virtual
Author: helmholz

4.3MEDIUM

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new passw

Publicado: 8/2/2021Atualizado: 11/21/2024

Descrição

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.

Análise IADesenvolvido por IA

Produtos Afetados

mbconnectlinembconnect24

mbconnectlinemymbconnect24

helmholzmyrex24

helmholzmyrex24.virtual

Referências

https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2021-030
Third Party Advisory
https://cert.vde.com/en/advisories/VDE-2022-039
Third Party Advisory