cvelist | CERTVDE | CVELIST:CVE-2021-20996
History: May 13, 2021 - 1:45 p.m.

CVE-2021-20996 WAGO: Managed Switches: Unsecure Cookie settings

2021-05-13 13:45:24
CWE-732
CERTVDE
www.cve.org
wago
managed switches
unsecure cookie
special crafted requests
third parties

CVSS3: 5.3

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score: 5.5
Confidence: High

EPSS: 0.001
Percentile: 35.9%

In multiple managed switches by WAGO, in different versions, specially crafted requests can lead to cookies being transferred to third parties.

CNA Affected

[
  {
    "product": "0852-0303",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "V1.2.3.S0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "0852-1305",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "V1.1.7.S0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "0852-1505",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "V1.1.6.S0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "0852-1305/000-001",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "V1.0.4.S0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "0852-1505/000-001",
    "vendor": "WAGO",
    "versions": [
      {
        "lessThanOrEqual": "V1.0.4.S0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]
