Bosch: >> Rexroth Indramotion Xlc Security Vulnerabilities
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.
CVSS Score
8.6
EPSS Score
0.002
Published
2021-10-04
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.
CVSS Score
10.0
EPSS Score
0.004
Published
2021-10-04