Filtered by vendor Bosch Subscriptions
Filtered by product Rexroth Indramotion Xlc Firmware Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-23857 1 Bosch 24 Rexroth Indramotion Mlc L20, Rexroth Indramotion Mlc L20 Firmware, Rexroth Indramotion Mlc L25 and 21 more 2024-11-21 10 Critical
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.
CVE-2021-23855 1 Bosch 4 Rexroth Indramotion Mlc, Rexroth Indramotion Mlc Firmware, Rexroth Indramotion Xlc and 1 more 2024-11-21 8.6 High
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.