PT-2021-15570 · Rexroth+1 · Indramotion Mlc L20+13
Eran Jacob
+2
·
Published
2021-10-04
·
Updated
2022-08-30
·
CVE-2021-23857
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
No specific software or versions are mentioned.
Description:
The login routine of the system allows clients to log in using the hash of the password instead of the password itself. This issue can be combined with another security concern to allow an attacker to subsequently log in to the system.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Indramotion Mlc L20
Indramotion Mlc L25
Rexroth Indramotion Mlc L20 Firmware
Rexroth Indramotion Mlc L25 Firmware
Rexroth Indramotion Mlc L40 Firmware
Rexroth Indramotion Mlc L45 Firmware
Rexroth Indramotion Mlc L65 Firmware
Rexroth Indramotion Mlc L75 Firmware
Rexroth Indramotion Mlc L85 Firmware
Rexroth Indramotion Mlc Xm21 Firmware
Rexroth Indramotion Mlc Xm22 Firmware
Rexroth Indramotion Mlc Xm41 Firmware
Rexroth Indramotion Mlc Xm42 Firmware
Rexroth Indramotion Xlc Firmware