Vulnerability Details CVE-2021-23857
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.4%
CVSS Severity
CVSS v3 Score 10.0
CVSS v2 Score 10.0
References
Products affected by CVE-2021-23857
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l20:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l25:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l40:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l45:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l65:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l75:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_l85:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm21:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm22:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm41:-
-
cpe:2.3:h:bosch:rexroth_indramotion_mlc_xm42:-
-
cpe:2.3:h:bosch:rexroth_indramotion_xlc:-
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l20_firmware:-
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l25_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l40_firmware:-
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l45_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l65_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l75_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_l85_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm21_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm22_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm41_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_mlc_xm42_firmware:*
-
cpe:2.3:o:bosch:rexroth_indramotion_xlc_firmware:-