CVE-2021-22731 - AskarLabs CVE Database

CVE-2021-22731

Vendor N/A

Product Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior

Weakness CWE-640 · Weak password recovery

Published May 26, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.

Key dates

02Disclosure timeline

May 26, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-22731

Related vulnerabilities

04Related CVE

CVE-2024-5404 ifm: moneo prone to weak password recovery mechanism CVE-2024-45670 IBM Security SOAR weak password recovery mechanism CVE-2024-11103 Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover CVE-2023-4448 OpenRapid RapidCMS run-movepass.php password recovery CVE-2026-29199