M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to Ver3.0, type C (DL8-C) versions prior to Ver3.0, type D (DL8-D) versions prior to Ver3.0, and type E (DL8-E) versions prior to Ver3.0) allows remote authenticated attackers to bypass access restriction and conduct prohibited operations via unspecified vectors.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN47497535/index.html | Third Party Advisory |
https://www.m-system.co.jp/download_w/dl_dl8updaterE.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Information
Published : 2021-03-17 18:15
Updated : 2021-03-23 12:19
NVD link : CVE-2021-20676
Mitre link : CVE-2021-20676
JSON object : View
CWE
CWE-863
Incorrect Authorization
Products Affected
m-system
- dl8-b_firmware
- dl8-b
- dl8-c_firmware
- dl8-d_firmware
- dl8-a
- dl8-e
- dl8-e_firmware
- dl8-a_firmware
- dl8-c
- dl8-d