Inadequate Encryption Strength in MU320E - CVE-2021-27450
Published: March 24, 2021
Vulnerability identifier: #VU51699
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-27450
CWE-ID: CWE-326
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: GE
Affected software:
MU320E
MU320E
Detailed vulnerability description
The vulnerability allows a local administrator to compromise the target system.
The vulnerability exists due to the SSH server configuration file does not implement some best practices, which can lead to additional misconfiguration or be leveraged as part of a larger attack.
How to mitigate CVE-2021-27450
Install updates from vendor's website.