Filtered by vendor Bosch
Subscriptions
Filtered by product Rexroth Indramotion Xlc
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-23857 | 1 Bosch | 24 Rexroth Indramotion Mlc L20, Rexroth Indramotion Mlc L20 Firmware, Rexroth Indramotion Mlc L25 and 21 more | 2024-11-21 | 10 Critical |
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system. | ||||
CVE-2021-23855 | 1 Bosch | 4 Rexroth Indramotion Mlc, Rexroth Indramotion Mlc Firmware, Rexroth Indramotion Xlc and 1 more | 2024-11-21 | 8.6 High |
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables. |
Page 1 of 1.