PT-2022-9814 · Ge · Ge Ur

Published

2022-03-23

Updated

2022-10-24

CVE-2021-27422

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions GE UR firmware versions prior to 8.1x

Description The issue allows sensitive information exposure without authentication. This occurs because the web server interface is supported over the HTTP protocol.

Recommendations For GE UR firmware versions prior to 8.1x, update to version 8.1x or later to resolve the issue.

Fix

Information Disclosure

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-319

Related Identifiers

CVE-2021-27422

Affected Products

Ge Ur

PT-2022-9814 · Ge · Ge Ur

CVE-2021-27422

Weakness Enumeration

Related Identifiers

Affected Products

References · 5