CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-44207

Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.119

EPSS Ranking 93.4%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 6.8

Proposed Action

Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel.

Ransomware Campaign

Unknown

References

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0012/MNDT-2021-0012.md
https://www.acclaimsystems.com
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0012/MNDT-2021-0012.md
https://www.acclaimsystems.com

Products affected by CVE-2021-44207

Acclaimsystems » Usaherds » Version: Any

cpe:2.3:a:acclaimsystems:usaherds:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-44207

Products

Pricing

Contact Us