CVE-2021-33903
Summary
| CVE | CVE-2021-33903 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-10-07 15:15:00 UTC |
| Updated | 2021-10-15 12:28:00 UTC |
| Description | In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of the root user for SNMPv3 access.) |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Lancom-systems | Lcos | All | All | All | All |
| Operating System | Lancom-systems | Lcos | 10.42.0473 | - | All | All |
| Operating System | Lancom-systems | Lcos | 10.42.0473 | release_update1 | All | All |
| Operating System | Lancom-systems | Lcos | 10.42.0473 | release_update2 | All | All |
| Operating System | Lancom-systems | Lcos | 10.42.0473 | release_update3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.nmedv.de/wp-content/uploads/2021/10/NME-2021-001.txt | MISC | www.nmedv.de | |
| Seite nicht gefunden | www.nmedv.de | MISC | www.nmedv.de | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.