{"containers": {"cna": {"affected": [{"product": "Cisco Small Business 220 Series Smart Plus Switches", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-10-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory."}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-540", "description": "CWE-540", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-06T19:46:05.000Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX"}], "source": {"advisory": "cisco-sa-sb-hardcoded-cred-MJCEXvX", "defect": [["CSCvy90709", "CSCvy90713"]], "discovery": "INTERNAL"}, "title": "Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-10-06T16:00:00", "ID": "CVE-2021-34757", "STATE": "PUBLIC", "TITLE": "Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Small Business 220 Series Smart Plus Switches", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "exploit": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "5.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-540"}]}]}, "references": {"reference_data": [{"name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX"}]}, "source": {"advisory": "cisco-sa-sb-hardcoded-cred-MJCEXvX", "defect": [["CSCvy90709", "CSCvy90713"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:19:48.139Z"}, "title": "CVE Program Container", "references": [{"name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-07T21:40:08.512662Z", "id": "CVE-2021-34757", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:48:59.339Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-34757", "datePublished": "2021-10-06T19:46:05.398Z", "dateReserved": "2021-06-15T00:00:00.000Z", "dateUpdated": "2024-11-07T21:48:59.339Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX", "name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:19:48.139Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-34757", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-07T21:40:08.512662Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T21:40:57.343Z"}}], "cna": {"title": "Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "source": {"defect": [["CSCvy90709", "CSCvy90713"]], "advisory": "cisco-sa-sb-hardcoded-cred-MJCEXvX", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Small Business 220 Series Smart Plus Switches", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "datePublic": "2021-10-06T00:00:00.000Z", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX", "name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-540", "description": "CWE-540"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2021-10-06T19:46:05.000Z"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "5.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}}, "source": {"defect": [["CSCvy90709", "CSCvy90713"]], "advisory": "cisco-sa-sb-hardcoded-cred-MJCEXvX", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco Small Business 220 Series Smart Plus Switches"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX", "name": "20211006 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-540"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-34757", "STATE": "PUBLIC", "TITLE": "Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-10-06T16:00:00"}}}}, "cveMetadata": {"cveId": "CVE-2021-34757", "state": "PUBLISHED", "dateUpdated": "2024-11-07T21:48:59.339Z", "dateReserved": "2021-06-15T00:00:00.000Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2021-10-06T19:46:05.398Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-8t-e-2g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F57E1F8-E627-4113-A443-A6DB80236233", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-8t-e-2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "864B54D4-1DAC-4805-AB0C-12B4AF3AA2A5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-8p-e-2g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2C7129-CEA2-49D5-9967-DC5D2AAD65FE", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-8p-e-2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D6B0BB2-6CCF-4C28-A8A6-2D83F8BAD16D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-8fp-e-2g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "716EF897-3C9C-408A-92FC-AFDF3F436C1A", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-8fp-e-2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "A732D0F9-0C3A-41F1-9CD7-6839878F11E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-16t-2g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D7CA726-6C49-40E3-BAF8-1C3906548EFD", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-16t-2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "A796A4C0-1EC3-4D5D-8992-7C9C9EB64B7D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-16p-2g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "16987EB7-0097-462F-9ED6-BD99328069EE", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-16p-2g:-:*:*:*:*:*:*:*", "matchCriteriaId": "53F2ACD8-7EEA-4FF5-91B3-2499A67C2A6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24t-4g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "50706ED0-C8BD-4300-A139-E3CD06D0F889", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "694AD646-37B9-413B-98E8-0D7E3638CF7B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24p-4g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F8CC1AB-91D0-4073-911E-E8561DE61ED4", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "912D0893-5C74-498C-91F2-3BDE746658FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24fp-4g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "609956AC-1496-49D5-B9F4-620AA9B08FDB", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24fp-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "A783C843-285B-4811-8A58-9CE40DC9A156", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-48t-4g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "620B645E-EEF3-4001-B42C-F0F8A4C5FF7E", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-48t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "972E3541-9384-4A5B-9528-9CE264A89779", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-48p-4g_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7337547E-A891-45DD-B4B7-126080520F19", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-48p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "39E46FA4-73AF-4C90-83E0-E6882ED9F0DA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24t-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "763C387F-1656-4D4A-9245-38E50819AA70", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B16A54C-FE26-41E8-B9C8-D20C55F95B9F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24p-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0B4D510-E63C-428D-BBFD-524ADC88FA2E", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5F675E8-69BA-4C5D-A638-15070E4C3A95", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-24fp-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE82D534-9E35-4F71-8E93-1255FF492AF0", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-24fp-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F9AD8EC-96C2-4431-96A9-E297DC302C29", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-48t-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "43CD76F1-08CB-4E2B-8CAA-A3483D87772B", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-48t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C849A07-4AE9-4593-A2F6-17014F672DC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-48p-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "35CAE9D5-701D-4936-865D-04F16E61CF7F", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-48p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "7125313E-2FDB-4AC8-A84C-AD1837856436", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:business_220-48fp-4x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "46BA6DCB-B5A0-460E-9F41-7367F076EE0E", "versionEndIncluding": "1.2.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:business_220-48fp-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9630B5B-14CA-4779-9080-7B3FE6EE5CB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory."}, {"lang": "es", "value": "Varias vulnerabilidades en el firmware de Cisco Business 220 Series Smart Switches podr\u00edan permitir a un atacante con privilegios de administrador acceder a credenciales de inicio de sesi\u00f3n confidenciales o reconfigurar las contrase\u00f1as de la cuenta de usuario. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"}], "id": "CVE-2021-34757", "lastModified": "2024-11-21T06:11:07.857", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.3, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-06T20:15:10.947", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-hardcoded-cred-MJCEXvX"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-540"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}