CVE-2021-32997

Name of the Vulnerable Software and Affected Versions Baker Hughes Bentley Nevada 3500 System 1 6.x versions 6.98 and prior Baker Hughes Bentley Nevada 3500 System 1 versions 21.1 HF1 and prior Baker Hughes Bentley Nevada 3500 Rack Configuration versions 6.4 and prior Baker Hughes Bentley Nevada 3500/22M Firmware versions 5.05 and prior

Description The affected products utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access.

Recommendations For Baker Hughes Bentley Nevada 3500 System 1 6.x versions 6.98 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500 System 1 versions 21.1 HF1 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500 Rack Configuration versions 6.4 and prior, consider updating to a version that utilizes a stronger encryption algorithm. For Baker Hughes Bentley Nevada 3500/22M Firmware versions 5.05 and prior, consider updating to a version that utilizes a stronger encryption algorithm. As a temporary workaround, consider restricting access to sensitive data until a patch is available.