Lucene search

[email protected]NVD:CVE-2021-38759

HistoryDec 07, 2021 - 9:15 p.m.

CVE-2021-38759

2021-12-0721:15:08

CWE-1188

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.051 Low

EPSS

Percentile

93.0%

JSON

Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges.

Affected configurations

NVD

Node

raspberrypiraspberry_pi_os_liteRange≤5.10

References

packetstormsecurity.com/files/165211/Raspberry-Pi-5.10-Default-Credentials.html

arstechnica.com/gadgets/2022/04/raspberry-pi-os-axes-longstanding-default-user-account-in-the-name-of-security/

www.cnvd.org.cn/flaw/show/CNVD-2021-43968

www.raspberrypi.com/documentation/computers/configuration.html#change-the-default-password

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.051 Low

EPSS

Percentile

93.0%

JSON

Related for NVD:CVE-2021-38759

packetstorm1 rapid7blog2 prion1 cve1 githubexploit1 zdt1 openvas1 cvelist1 exploitdb1