CVE-2021-33903

EPSS 0.4%
Published 07.10.2021 15:15:10
Last modified 21.11.2024 06:09:44
Source cve@mitre.org
Teams watchlist Login
Open Login

In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of the root user for SNMPv3 access.)

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Lancom-systems ≫ Lcos Version >= 10.40 < 10.42.0473

Lancom-systems ≫ Lcos Version10.42.0473 Update-

Lancom-systems ≫ Lcos Version10.42.0473 Updaterelease_update1

Lancom-systems ≫ Lcos Version10.42.0473 Updaterelease_update2

Lancom-systems ≫ Lcos Version10.42.0473 Updaterelease_update3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.4%	0.577

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	8.5	6.8	10	AV:N/AC:M/Au:S/C:C/I:C/A:C

https://www.nmedv.de/wp-content/uploads/2021/10/NME-2021-001.txt

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-33903

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-33903

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-33903

EUVD