CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22731

Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2021-22731

Schneider-Electric » Mcsesm043f23f0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm043f23f0:-
Schneider-Electric » Mcsesm053f1cs0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm053f1cs0:-
Schneider-Electric » Mcsesm053f1cu0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm053f1cu0:-
Schneider-Electric » Mcsesm063f2cs0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm063f2cs0:-
Schneider-Electric » Mcsesm063f2cu0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm063f2cu0:-
Schneider-Electric » Mcsesm083f23f0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm083f23f0:-
Schneider-Electric » Mcsesm083f23f0h » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm083f23f0h:-
Schneider-Electric » Mcsesm093f1cs0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm093f1cs0:-
Schneider-Electric » Mcsesm093f1cu0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm093f1cu0:-
Schneider-Electric » Mcsesm103f2cs0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm103f2cs0:-
Schneider-Electric » Mcsesm103f2cs0h » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm103f2cs0h:-
Schneider-Electric » Mcsesm103f2cu0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm103f2cu0:-
Schneider-Electric » Mcsesm103f2cu0h » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm103f2cu0h:-
Schneider-Electric » Mcsesm123f2lg0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesm123f2lg0:-
Schneider-Electric » Mcsesp083f23g0 » Version: N/A

cpe:2.3:h:schneider-electric:mcsesp083f23g0:-
Schneider-Electric » Mcsesp083f23g0t » Version: N/A

cpe:2.3:h:schneider-electric:mcsesp083f23g0t:-
Schneider-Electric » Mcsesm043f23f0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm043f23f0_firmware:*
Schneider-Electric » Mcsesm053f1cs0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm053f1cs0_firmware:*
Schneider-Electric » Mcsesm053f1cu0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm053f1cu0_firmware:*
Schneider-Electric » Mcsesm063f2cs0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm063f2cs0_firmware:*
Schneider-Electric » Mcsesm063f2cu0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm063f2cu0_firmware:*
Schneider-Electric » Mcsesm083f23f0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm083f23f0_firmware:*
Schneider-Electric » Mcsesm083f23f0h Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm083f23f0h_firmware:*
Schneider-Electric » Mcsesm093f1cs0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm093f1cs0_firmware:*
Schneider-Electric » Mcsesm093f1cu0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm093f1cu0_firmware:*
Schneider-Electric » Mcsesm103f2cs0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm103f2cs0_firmware:*
Schneider-Electric » Mcsesm103f2cs0h Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm103f2cs0h_firmware:*
Schneider-Electric » Mcsesm103f2cu0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm103f2cu0_firmware:*
Schneider-Electric » Mcsesm103f2cu0h Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm103f2cu0h_firmware:*
Schneider-Electric » Mcsesm123f2lg0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesm123f2lg0_firmware:*
Schneider-Electric » Mcsesp083f23g0 Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesp083f23g0_firmware:*
Schneider-Electric » Mcsesp083f23g0t Firmware » Version: Any

cpe:2.3:o:schneider-electric:mcsesp083f23g0t_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-22731

Products

Pricing

Contact Us