7.5
CVE-2021-34589
- EPSS 0.92%
- Veröffentlicht 27.04.2022 16:15:10
- Zuletzt bearbeitet 21.11.2024 06:10:45
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginBender Charge Controller: RFID leak
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bender ≫ Cc612 Firmware Version >= 5.11.0 < 5.11.2
Bender ≫ Cc612 Firmware Version >= 5.12.0 < 5.12.5
Bender ≫ Cc612 Firmware Version >= 5.13.0 < 5.13.2
Bender ≫ Cc612 Firmware Version >= 5.20.0 < 5.20.2
Bender ≫ Cc613 Firmware Version >= 5.11.0 < 5.11.2
Bender ≫ Cc613 Firmware Version >= 5.13.0 < 5.13.2
Bender ≫ Cc613 Firmware Version >= 5.20.0 < 5.20.2
Bender ≫ Icc613 Firmware Version >= 5.12.0 < 5.12.5
Bender ≫ Icc15xx Firmware Version >= 5.11.0 < 5.11.2
Bender ≫ Icc15xx Firmware Version >= 5.12.0 < 5.12.5
Bender ≫ Icc15xx Firmware Version >= 5.13.0 < 5.13.2
Bender ≫ Icc15xx Firmware Version >= 5.20.0 < 5.20.2
Bender ≫ Icc16xx Firmware Version >= 5.11.0 < 5.11.2
Bender ≫ Icc16xx Firmware Version >= 5.12.0 < 5.12.5
Bender ≫ Icc16xx Firmware Version >= 5.13.0 < 5.13.2
Bender ≫ Icc16xx Firmware Version >= 5.20.0 < 5.20.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.92% | 0.557 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| info@cert.vde.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
https://cert.vde.com/en/advisories/VDE-2021-047