Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2021-33723

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could change the user profile of any user without proper authorization. With this, the attacker could change the password of any user in the affected system.

  • Published: Oct 12, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-33723
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
siemens / sinec_nms 1.0-sp1 1.0-sp1.x
siemens / sinec_nms 1.0 1.0.x
siemens / sinec_nms 1.0-sp2 1.0-sp2.x
siemens / sinec_nms - 1.0