CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34575

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2021-34575

Mbconnectline » Mbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mbconnect24:-
Mbconnectline » Mbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mbconnect24:2.5.0
Mbconnectline » Mbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mbconnect24:2.6.1
Mbconnectline » Mbconnect24 » Version: 2.6.2

cpe:2.3:a:mbconnectline:mbconnect24:2.6.2
Mbconnectline » Mbconnect24 » Version: 2.8.0

cpe:2.3:a:mbconnectline:mbconnect24:2.8.0
Mbconnectline » Mymbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mymbconnect24:-
Mbconnectline » Mymbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mymbconnect24:2.5.0
Mbconnectline » Mymbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1
Mbconnectline » Mymbconnect24 » Version: 2.6.2

cpe:2.3:a:mbconnectline:mymbconnect24:2.6.2
Mbconnectline » Mymbconnect24 » Version: 2.8.0

cpe:2.3:a:mbconnectline:mymbconnect24:2.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34575

Products

Pricing

Contact Us