CVE-2021-32926 - Vulnerability Details - OpenCVE

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Rockwellautomation	Micro800 Micro800 Firmware Micrologix 1400 Micrologix 1400 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:rockwellautomation:micro800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:micro800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2021-06-03T12:35:36

Updated: 2024-08-03T23:33:55.972Z

Reserved: 2021-05-13T00:00:00

Link: CVE-2021-32926

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-06-03T13:15:07.340

Modified: 2024-11-21T06:07:56.463

Link: CVE-2021-32926

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Micro800, MicroLogix 1400", "vendor": "n/a", "versions": [{"status": "affected", "version": "Micro800: All versions, MicroLogix 1400: Version 21 and later when Enhanced Password Security enabled."}]}], "descriptions": [{"lang": "en", "value": "When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-300", "description": "CHANNEL ACCESSIBLE BY NON-ENDPOINT CWE-300", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-03T12:35:36", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-32926", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Micro800, MicroLogix 1400", "version": {"version_data": [{"version_value": "Micro800: All versions, MicroLogix 1400: Version 21 and later when Enhanced Password Security enabled."}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CHANNEL ACCESSIBLE BY NON-ENDPOINT CWE-300"}]}]}, "references": {"reference_data": [{"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:33:55.972Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"}]}]}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-32926", "datePublished": "2021-06-03T12:35:36", "dateReserved": "2021-05-13T00:00:00", "dateUpdated": "2024-08-03T23:33:55.972Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micro800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "03D4249D-322C-4015-B5B7-14C1E85C7295", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micro800:-:*:*:*:*:*:*:*", "matchCriteriaId": "215D0B80-D0F4-41FD-9255-FBB15C5E282F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:rockwellautomation:micrologix_1400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBA94A94-6328-4309-9EB1-95C433EE53F5", "versionStartIncluding": "21.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:rockwellautomation:micrologix_1400:-:*:*:*:*:*:*:*", "matchCriteriaId": "196EA0BE-FDF3-46BE-B3DA-5F49208C5D80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition"}, {"lang": "es", "value": "Cuando se produce una petici\u00f3n de cambio de contrase\u00f1a autenticada, esta vulnerabilidad podr\u00eda permitir al atacante interceptar el mensaje que incluye el hash leg\u00edtimo de la nueva contrase\u00f1a y reemplazarlo por un hash ileg\u00edtimo. El usuario ya no podr\u00eda ser capaz de autenticarse en el controlador (Micro800: todas las versiones, MicroLogix 1400: versi\u00f3n 21 y posteriores), causando una condici\u00f3n de denegaci\u00f3n de servicio"}], "id": "CVE-2021-32926", "lastModified": "2024-11-21T06:07:56.463", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-06-03T13:15:07.340", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-145-02"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-300"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}