QwikSec

Security Database

CVE

CWE

Training

CVE-2021-22731

Published: May 26, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.

Vendor	Product	Versions
n/a	Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior	affected `Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior`

Weaknesses (CWE)

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.