NotCVE - vendor:"Ge" product:"Reason Dr60"

3 results (0.001 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-27454

https://notcve.org/view.php?id=CVE-2021-27454

25 Mar 2021 — The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1). El software lleva a cabo una operación en un nivel de privilegio mayor que el nivel mínimo requerido, lo que crea nuevas debilidades o amplifica las consecuencias de otras debilidades en el Reason DR60 (todas las versiones de firmware anteriores a 02A04.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-27440

https://notcve.org/view.php?id=CVE-2021-27440

25 Mar 2021 — The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). El software contiene una contraseña embebida que usa para su propia autenticación entrante o para la comunicación saliente a componentes externos en el Reason DR60 (todas las versiones de firmware anteriores a 02A04.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03 • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-27438

https://notcve.org/view.php?id=CVE-2021-27438

25 Mar 2021 — The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions prior to 02A04.1). El software contiene una contraseña embebida que usa para su propia autenticación entrante o para la comunicación saliente a componentes externos en el Reason DR60 (todas las versiones de firmware anteriores a 02A04.1) • https://us-cert.cisa.gov/ics/advisories/icsa-21-082-03 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-798: Use of Hard-coded Credentials •