PT-2021-17984 · Bab Technologie Gmbh · Eibport V3
Psytester
·
Published
2021-09-09
·
Updated
2021-09-22
·
CVE-2021-28914
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
BAB TECHNOLOGIE GmbH eibPort V3 versions prior to 3.9.1
Description:
The issue allows users to set weak passwords because, although the password strength is displayed in the configuration tool, it is not enforced. This can be part of an attack chain to gain SSH root access.
Recommendations:
For versions prior to 3.9.1, update to version 3.9.1 or later to enforce strong password requirements and prevent potential exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Eibport V3