PT-2022-12455 · Softwarebuero Zauner · Softwarebuero Zauner Arc

Sebastian Hamann

Published

2022-04-05

Updated

2022-04-14

CVE-2021-45893

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Softwarebuero Zauner ARC version 4.2.0.4

Description An issue was discovered that involves improper handling of case sensitivity. This issue makes password guessing easier.

Recommendations For Softwarebuero Zauner ARC version 4.2.0.4, consider implementing additional security measures to mitigate the risk of password guessing, such as account lockout policies or two-factor authentication. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-178

Related Identifiers

CVE-2021-45893

Affected Products

Softwarebuero Zauner Arc

PT-2022-12455 · Softwarebuero Zauner · Softwarebuero Zauner Arc

CVE-2021-45893

Weakness Enumeration

Related Identifiers

Affected Products

References · 4