Vulnerability Details CVE-2021-21902
An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 9.3
References
Products affected by CVE-2021-21902
-
cpe:2.3:o:garrett:ic_module_cma:5.0