Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-27450 | 1 Ge | 2 Mu320e, Mu320e Firmware | 2021-03-29 | 4.6 MEDIUM | 7.8 HIGH |
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1). | |||||
CVE-2021-27452 | 1 Ge | 2 Mu320e, Mu320e Firmware | 2021-03-29 | 10.0 HIGH | 9.8 CRITICAL |
The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1). | |||||
CVE-2021-27448 | 1 Ge | 2 Mu320e, Mu320e Firmware | 2021-03-29 | 4.6 MEDIUM | 7.8 HIGH |
A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1). |