Vulnerability Details CVE-2021-33903
In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of the root user for SNMPv3 access.)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.5
References
Products affected by CVE-2021-33903
-
cpe:2.3:o:lancom-systems:lcos:*
-
cpe:2.3:o:lancom-systems:lcos:10.42.0473