CVE-2021-21902

Summary

An authentication bypass vulnerability exists in the CMA run_server_6877 functionality of Garrett Metal Detectors iC Module CMA Version 5.0. A properly-timed network connection can lead to authentication bypass via session hijacking. An attacker can send a sequence of requests to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aGarrett Metal DetectorsGarrett Metal Detectors iC Module CMA Version 5.0affected

Weaknesses

  • CWE-303: CWE-303: Incorrect Implementation of Authentication Algorithm

ADP Enrichment

CVE Program Container

Additional References

References