ghsa-qwcv-4jvg-f4mr
Vulnerability from github
Published
2022-03-24 00:00
Modified
2022-04-02 00:00
Severity
Details
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.
{ "affected": [], "aliases": [ "CVE-2021-27426" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2022-03-23T20:15:00Z", "severity": "CRITICAL" }, "details": "GE UR IED firmware versions prior to version 8.1x with \u201cBasic\u201d security variant does not allow the disabling of the \u201cFactory Mode,\u201d which is used for servicing the IED by a \u201cFactory\u201d user.", "id": "GHSA-qwcv-4jvg-f4mr", "modified": "2022-04-02T00:00:31Z", "published": "2022-03-24T00:00:19Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27426" }, { "type": "WEB", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02" }, { "type": "WEB", "url": "https://www.gegridsolutions.com/Passport/Login.aspx" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Loading...