How severe is CVE-2021-46279?

CVE-2021-46279 has a CVSS v3 score of 5.8 (MEDIUM).

CVE-2021-46279

Name: iac-ast2500a
Author: lannerinc

5.8MEDIUM

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware

发布于: 10/24/2022更新于: 11/21/2024

描述

Session fixation and insufficient session expiration vulnerabilities allow an attacker to perfom session hijacking attacks against users. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

AI分析AI驱动

受影响产品

lannerinciac-ast2500a_firmware

1.10.0

lannerinciac-ast2500a

参考资料

https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279/
Third Party Advisory
https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-46279/
Third Party Advisory