How severe is CVE-2021-21902?

CVE-2021-21902 has a CVSS v3 score of 8.1 (HIGH).

CVE-2021-21902

Name: ic_module_cma
Author: garrett

8.1HIGH

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authenticat

发布于: 12/22/2021更新于: 11/21/2024

描述

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests to trigger this vulnerability.

AI分析AI驱动

受影响产品

garrettic_module_cma

5.0

参考资料

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1354
ExploitThird Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1354
ExploitThird Party Advisory