CVE-2021-32926
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-32926
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
通道可被非端点访问(中间人攻击)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Rockwell Automation Micro 1400 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Rockwell Automation MicroLogix 1400是美国Rockwell Automation公司的一款可编程逻辑控制器。 Rockwell Automation Micro800 and MicroLogix 1400 存在安全漏洞。攻击者可利用该漏洞拦截包含合法的新密码散列的密码更改请求消息,并将其替换为非法散列。用户将不再能够对控制器进行身份验证,从而导致拒绝服务的情况。以下产品和版本受到影响:Micro800: All versions ,MicroLogix 1400: Ve
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Micro800, MicroLogix 1400 | Micro800: All versions, MicroLogix 1400: Version 21 and later when Enhanced Password Security enabled. | - |
II. Public POCs for CVE-2021-32926
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-32926
请登录查看更多情报信息。
- https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-32926
Same Patch Batch · n/a · 2021-06-03 · 39 CVEs total
| CVE-2020-28469 | 5.3 MEDIUM | Regular Expression Denial of Service (ReDoS) |
| CVE-2020-36004 | AppCMS SQL注入漏洞 | |
| CVE-2021-22335 | 华为智能手机缓冲区错误漏洞 | |
| CVE-2021-22334 | 多款HUAWEI产品 安全漏洞 | |
| CVE-2021-3469 | Foreman 安全漏洞 | |
| CVE-2021-25947 | Npm nestie 安全漏洞 | |
| CVE-2019-14584 | EDK2 代码问题漏洞 | |
| CVE-2020-35973 | zzcms zzcms 跨站脚本漏洞 | |
| CVE-2020-35972 | YzmCMS YzmCMS 跨站请求伪造漏洞 | |
| CVE-2020-35971 | YzmCMS 跨站脚本漏洞 | |
| CVE-2020-35970 | YzmCMS 代码问题漏洞 | |
| CVE-2021-22337 | HuaWei 华为智能手机安全漏洞 | |
| CVE-2020-36005 | AppCMS 安全漏洞 | |
| CVE-2020-36006 | AppCMS 安全漏洞 | |
| CVE-2020-36007 | AppCMS 跨站脚本漏洞 | |
| CVE-2020-36008 | OBottle 安全漏洞 | |
| CVE-2020-36009 | OBottle 安全漏洞 | |
| CVE-2021-33840 | Gtlab luca 数据伪造问题漏洞 | |
| CVE-2021-33839 | Luca 信息泄露漏洞 | |
| CVE-2021-33838 | Luca 信息泄露漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2021-32926
No comments yet