Authentication Bypass by Primary Weakness

CVE-2021-45031

High

7.7/10

Summary

A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets attackers to generate high privileged accounts passwords.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-305 - Authentication Bypass by Primary Weakness

The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.

References

Advisory Timeline

Published Mar 30, 2022

Authentication Bypass by Primary Weakness

CVE-2021-45031

Summary

CWE-305 - Authentication Bypass by Primary Weakness

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS