CVE-2021-43394

EPSS 0.39%
Veröffentlicht 24.01.2022 22:15:07
Zuletzt bearbeitet 21.11.2024 06:29:09
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Unisys ≫ Messaging Integration Services Version7r3b_ic3

Unisys ≫ Clearpath 2200 Version-

Unisys ≫ Messaging Integration Services Version7r3b_ic4

Unisys ≫ Clearpath 2200 Version-

Unisys ≫ Messaging Integration Services Version7r3c

Unisys ≫ Clearpath 2200 Version-

Unisys ≫ Messaging Integration Services Version7r3d

Unisys ≫ Clearpath 2200 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.39%	0.572

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=66

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-43394

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-43394

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-43394

EUVD