CVE-2021-22702

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (affected versions not specified)

Description A Cleartext transmission of sensitive information issue exists, which could cause disclosure of user credentials when a malicious actor intercepts Telnet network traffic between a user and the device. This is due to the lack of protection for transmitted data, allowing a remote attacker to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

BDU:2021-04330

CVE-2021-22702

Affected Products

Pm800

Powerlogic Ion7400

Powerlogic Ion7650

Powerlogic Ion7700

Powerlogic Ion83Xx

Powerlogic Ion84Xx

Powerlogic Ion85Xx

Powerlogic Ion8600

Powerlogic Ion8650

Powerlogic Ion8800

Powerlogic Ion9000

CVE-2021-22702

Weakness Enumeration

Related Identifiers

Affected Products

References · 8