CVE-2021-22661
N/A
N/A
Summary
Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | ICX35-HWC-A, ICX35-HWC-E | Versions 1.9.62 and prior | affected |
Weaknesses
- CWE-264: PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.