Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
07 Nov 2023, 03:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf - | |
References | () https://jvn.jp/vu/JVNVU97615777/index.html - |
12 May 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf - Mitigation, Vendor Advisory | |
References | (CONFIRM) https://jvn.jp/vu/JVNVU97615777/index.html - Mitigation, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
02 Aug 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and prior, GOT2000 series GT21 model GT2107-WTSD VNC server versions 01.40.000 and prior, GOT SIMPLE series GS21 model GS2110-WTBD-N VNC server versions 01.40.000 and prior and GOT SIMPLE series GS21 model GS2107-WTBD-N VNC server versions 01.40.000 and prior allows a remote unauthenticated attacker to gain unauthorized access via specially crafted packets when the "VNC server" function is used. |
04 May 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:mitsubishielectric:gt2107-wtsd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:gt2107-wtbd_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:gs2110-wtbd-n_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:got2000_gt25:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:gt2107-wtbd:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:gs2107-wtbd-n_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:gt2107-wtsd:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:gs2110-wtbd-n:-:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:got2000_gt25_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:mitsubishielectric:got2000_gt27_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:gs2107-wtbd-n:-:*:*:*:*:*:*:* cpe:2.3:h:mitsubishielectric:got2000_gt27:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-001_en.pdf - Vendor Advisory | |
References | (CONFIRM) https://jvn.jp/vu/JVNVU97615777/index.html - Third Party Advisory | |
CWE | CWE-287 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
22 Apr 2021, 20:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-22 19:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-20590
Mitre link : CVE-2021-20590
CVE.ORG link : CVE-2021-20590
JSON object : View
Products Affected
mitsubishielectric
- got2000_gt25
- got2000_gt27_firmware
- got2000_gt27
- gs2110-wtbd-n_firmware
- gt2107-wtbd_firmware
- gt2107-wtsd_firmware
- got2000_gt25_firmware
- gs2107-wtbd-n
- gs2107-wtbd-n_firmware
- gs2110-wtbd-n
- gt2107-wtsd
- gt2107-wtbd
CWE
CWE-287
Improper Authentication