CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23843

The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make unauthorized changes to configuration data on the device. An attacker can exploit this vulnerability to manipulate the device\'s configuration or make it unresponsive in the local network. The attacker needs to have access to the local network, typically even the same subnet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 4.6

References

Products affected by CVE-2021-23843

Bosch » Access Management System » Version: 3.0

cpe:2.3:a:bosch:access_management_system:3.0
Bosch » Access Professional Edition » Version: 3.0

cpe:2.3:a:bosch:access_professional_edition:3.0
Bosch » Access Professional Edition » Version: 3.2

cpe:2.3:a:bosch:access_professional_edition:3.2
Bosch » Access Professional Edition » Version: 3.3

cpe:2.3:a:bosch:access_professional_edition:3.3
Bosch » Access Professional Edition » Version: 3.4

cpe:2.3:a:bosch:access_professional_edition:3.4
Bosch » Access Professional Edition » Version: 3.5

cpe:2.3:a:bosch:access_professional_edition:3.5
Bosch » Access Professional Edition » Version: 3.6

cpe:2.3:a:bosch:access_professional_edition:3.6
Bosch » Access Professional Edition » Version: 3.7

cpe:2.3:a:bosch:access_professional_edition:3.7
Bosch » Building Integration System » Version: 2.2

cpe:2.3:a:bosch:building_integration_system:2.2
Bosch » Building Integration System » Version: 2.3

cpe:2.3:a:bosch:building_integration_system:2.3
Bosch » Building Integration System » Version: 2.4

cpe:2.3:a:bosch:building_integration_system:2.4
Bosch » Building Integration System » Version: 2.5

cpe:2.3:a:bosch:building_integration_system:2.5
Bosch » Building Integration System » Version: 3.0

cpe:2.3:a:bosch:building_integration_system:3.0
Bosch » Building Integration System » Version: 4.0

cpe:2.3:a:bosch:building_integration_system:4.0
Bosch » Building Integration System » Version: 4.1

cpe:2.3:a:bosch:building_integration_system:4.1
Bosch » Building Integration System » Version: 4.2

cpe:2.3:a:bosch:building_integration_system:4.2
Bosch » Building Integration System » Version: 4.3

cpe:2.3:a:bosch:building_integration_system:4.3
Bosch » Building Integration System » Version: 4.4

cpe:2.3:a:bosch:building_integration_system:4.4
Bosch » Building Integration System » Version: 4.5

cpe:2.3:a:bosch:building_integration_system:4.5
Bosch » Building Integration System » Version: 4.6

cpe:2.3:a:bosch:building_integration_system:4.6
Bosch » Building Integration System » Version: 4.6.1

cpe:2.3:a:bosch:building_integration_system:4.6.1
Bosch » Building Integration System » Version: 4.7

cpe:2.3:a:bosch:building_integration_system:4.7
Bosch » Building Integration System » Version: 4.8

cpe:2.3:a:bosch:building_integration_system:4.8
Bosch » Building Integration System » Version: 4.9

cpe:2.3:a:bosch:building_integration_system:4.9
Bosch » Amc2 » Version: N/A

cpe:2.3:h:bosch:amc2:-
Bosch » Amc2 Firmware » Version: N/A

cpe:2.3:o:bosch:amc2_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23843

Products

Pricing

Contact Us