Vulnerability Details CVE-2021-28914
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the user to set a weak password because the strength is shown in configuration tool, but finally not enforced. This is usable and part of an attack chain to gain SSH root access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
Products affected by CVE-2021-28914
-
cpe:2.3:h:bab-technologie:eibport:v3
-
cpe:2.3:o:bab-technologie:eibport_firmware:3.8.2
-
cpe:2.3:o:bab-technologie:eibport_firmware:3.8.3