CVE-2021-23855

Severity CVSS v4.0:
Pending analysis
Type:
CWE-326 Inadequate Encryption Strength
Publication date:
04/10/2021
Last modified:
30/08/2022

Description

The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:bosch:rexroth_indramotion_xlc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:rexroth_indramotion_xlc:-:*:*:*:*:*:*:*
cpe:2.3:o:bosch:rexroth_indramotion_mlc_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:bosch:rexroth_indramotion_mlc:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools