// For flags

CVE-2021-22731

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.

Se presenta una vulnerabilidad del Mecanismo de Recuperación de Contraseña débil para Contraseña Olvidada en Modicon Managed Switch MCSESM* y MCSESP* versiones V8.21 y anteriores, lo que podría causar un cambio de contraseña no autorizada mediante protocolo HTTP / HTTPS cuando la información básica del usuario es conocida por un atacante remoto

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-06 CVE Reserved
  • 2021-05-26 CVE Published
  • 2024-02-09 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-640: Weak Password Recovery Mechanism for Forgotten Password
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Schneider-electric
Search vendor "Schneider-electric"
Mcsesp083f23g0 Firmware
Search vendor "Schneider-electric" for product "Mcsesp083f23g0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesp083f23g0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesp083f23g0
Search vendor "Schneider-electric" for product "Mcsesp083f23g0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesp083f23g0t Firmware
Search vendor "Schneider-electric" for product "Mcsesp083f23g0t Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesp083f23g0t Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesp083f23g0t
Search vendor "Schneider-electric" for product "Mcsesp083f23g0t"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm043f23f0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm043f23f0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm043f23f0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm043f23f0
Search vendor "Schneider-electric" for product "Mcsesm043f23f0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm053f1cu0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm053f1cu0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm053f1cu0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm053f1cu0
Search vendor "Schneider-electric" for product "Mcsesm053f1cu0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm063f2cu0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm063f2cu0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm063f2cu0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm063f2cu0
Search vendor "Schneider-electric" for product "Mcsesm063f2cu0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm053f1cs0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm053f1cs0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm053f1cs0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm053f1cs0
Search vendor "Schneider-electric" for product "Mcsesm053f1cs0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm063f2cs0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm063f2cs0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm063f2cs0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm063f2cs0
Search vendor "Schneider-electric" for product "Mcsesm063f2cs0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm083f23f0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm083f23f0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm083f23f0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm083f23f0
Search vendor "Schneider-electric" for product "Mcsesm083f23f0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cu0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cu0
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm083f23f0h Firmware
Search vendor "Schneider-electric" for product "Mcsesm083f23f0h Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm083f23f0h Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm083f23f0h
Search vendor "Schneider-electric" for product "Mcsesm083f23f0h"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cu0h Firmware
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0h Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0h Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cu0h
Search vendor "Schneider-electric" for product "Mcsesm103f2cu0h"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cs0h Firmware
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0h Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0h Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cs0h
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0h"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm123f2lg0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm123f2lg0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm123f2lg0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm123f2lg0
Search vendor "Schneider-electric" for product "Mcsesm123f2lg0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm093f1cu0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm093f1cu0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm093f1cu0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm093f1cu0
Search vendor "Schneider-electric" for product "Mcsesm093f1cu0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm093f1cs0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm093f1cs0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm093f1cs0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm093f1cs0
Search vendor "Schneider-electric" for product "Mcsesm093f1cs0"
--
Safe
Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cs0 Firmware
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0 Firmware"
< 8.22
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0 Firmware" and version " < 8.22"
-
Affected
in Schneider-electric
Search vendor "Schneider-electric"
Mcsesm103f2cs0
Search vendor "Schneider-electric" for product "Mcsesm103f2cs0"
--
Safe