CVE-2021-45925

Опубликовано: 24 окт. 2022

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Observable discrepancies in the login process allow an attacker to guess legitimate user names registered in the BMC. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0.

Ссылки

https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-45925/
Third Party Advisory
https://www.nozominetworks.com/blog/vulnerabilities-in-bmc-firmware-affect-ot-iot-device-security-part-1/
Third Party Advisory
https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-45925/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:lannerinc:iac-ast2500a_firmware:1.10.0:*:*:*:*:*:*:*

cpe:2.3:h:lannerinc:iac-ast2500a:-:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00187

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-203

Связанные уязвимости

GHSA-c359-wq75-m99w