#VU51699 Inadequate Encryption Strength in MU320E - CVE-2021-27450
Published: March 24, 2021
Vulnerability identifier: #VU51699
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-27450
CWE-ID: CWE-326
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
MU320E
MU320E
Software vendor:
GE
GE
Description
The vulnerability allows a local administrator to compromise the target system.
The vulnerability exists due to the SSH server configuration file does not implement some best practices, which can lead to additional misconfiguration or be leveraged as part of a larger attack.
Remediation
Install updates from vendor's website.