Vulnerability Details CVE-2021-31989
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.0%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 3.5
References
Products affected by CVE-2021-31989
-
cpe:2.3:a:axis:device_manager:5.00.010
-
cpe:2.3:a:axis:device_manager:5.01.005
-
cpe:2.3:a:axis:device_manager:5.02.003
-
cpe:2.3:a:axis:device_manager:5.03.002
-
cpe:2.3:a:axis:device_manager:5.04.010
-
cpe:2.3:a:axis:device_manager:5.04.015
-
cpe:2.3:a:axis:device_manager:5.05.021
-
cpe:2.3:a:axis:device_manager:5.06.030
-
cpe:2.3:a:axis:device_manager:5.06.032
-
cpe:2.3:a:axis:device_manager:5.08.039
-
cpe:2.3:a:axis:device_manager:5.09.042
-
cpe:2.3:a:axis:device_manager:5.10.044
-
cpe:2.3:a:axis:device_manager:5.10.045
-
cpe:2.3:a:axis:device_manager:5.11.050
-
cpe:2.3:a:axis:device_manager:5.12.053
-
cpe:2.3:a:axis:device_manager:5.13.055
-
cpe:2.3:a:axis:device_manager:5.14.059
-
cpe:2.3:a:axis:device_manager:5.15.061
-
cpe:2.3:a:axis:device_manager:5.16.061
-
cpe:2.3:a:axis:device_manager:5.16.063