GE UR firmware versions prior to version 8.1x web server interface is supported on UR over HTTP protocol. It allows sensitive information exposure without authentication.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02 | Mitigation Third Party Advisory US Government Resource |
https://www.gegridsolutions.com/Passport/Login.aspx | Permissions Required Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
History
24 Oct 2022, 16:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-319 |
01 Apr 2022, 18:24
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-200 | |
CPE | cpe:2.3:h:ge:multilin_d30:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_b30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_c60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_g60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_m60_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_n60:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_t60:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_g30_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_g60:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_c30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_d30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_b90_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_c70:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_d60:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_g30:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_t35:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_l60:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_l90_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_c95_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_c95:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_l30:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_f35:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_t35_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_t60_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_c30:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_b90:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_c60:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_f35_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_l30_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_f60:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_l90:-:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_m60:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_c70_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:ge:multilin_b30:-:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_d60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_n60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_l60_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:ge:multilin_f60_firmware:*:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02 - Mitigation, Third Party Advisory, US Government Resource | |
References | (CONFIRM) https://www.gegridsolutions.com/Passport/Login.aspx - Permissions Required, Vendor Advisory | |
First Time |
Ge multilin N60 Firmware
Ge multilin L60 Firmware Ge multilin C30 Firmware Ge multilin F60 Firmware Ge multilin C95 Ge multilin T60 Firmware Ge multilin G60 Ge multilin L90 Ge multilin C70 Firmware Ge multilin T35 Firmware Ge multilin B90 Firmware Ge multilin F35 Ge multilin C60 Ge multilin N60 Ge multilin B30 Firmware Ge multilin G30 Firmware Ge multilin L30 Ge multilin B90 Ge multilin T35 Ge multilin T60 Ge multilin M60 Ge multilin D30 Ge multilin C70 Ge multilin C95 Firmware Ge multilin D30 Firmware Ge multilin C60 Firmware Ge Ge multilin G60 Firmware Ge multilin G30 Ge multilin M60 Firmware Ge multilin F60 Ge multilin L90 Firmware Ge multilin F35 Firmware Ge multilin L60 Ge multilin D60 Firmware Ge multilin B30 Ge multilin C30 Ge multilin D60 Ge multilin L30 Firmware |
23 Mar 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-23 20:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-27422
Mitre link : CVE-2021-27422
CVE.ORG link : CVE-2021-27422
JSON object : View
Products Affected
ge
- multilin_l30
- multilin_f60
- multilin_g60_firmware
- multilin_g30_firmware
- multilin_c30
- multilin_m60
- multilin_f35_firmware
- multilin_t60
- multilin_g60
- multilin_c60
- multilin_g30
- multilin_t60_firmware
- multilin_f60_firmware
- multilin_l90_firmware
- multilin_b90
- multilin_c95_firmware
- multilin_d30
- multilin_l30_firmware
- multilin_n60
- multilin_c30_firmware
- multilin_b30
- multilin_t35_firmware
- multilin_f35
- multilin_b90_firmware
- multilin_d30_firmware
- multilin_c70
- multilin_n60_firmware
- multilin_m60_firmware
- multilin_l60
- multilin_c95
- multilin_d60_firmware
- multilin_d60
- multilin_c60_firmware
- multilin_l60_firmware
- multilin_l90
- multilin_b30_firmware
- multilin_t35
- multilin_c70_firmware