CVE-2021-37184
First published: Tue Sep 14 2021(Updated: )
A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Industrial Edge Management | <1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-37184.
What is the severity of CVE-2021-37184?
The severity of CVE-2021-37184 is critical (9.8).
Which versions of Industrial Edge Management are affected by CVE-2021-37184?
All versions of Industrial Edge Management below V1.3 are affected by CVE-2021-37184.
What can an unauthenticated attacker do with CVE-2021-37184?
An unauthenticated attacker can change the password of any user in the system, allowing them to impersonate any valid user on an affected system.
Is there a fix available for CVE-2021-37184?
Yes, Siemens has released a fix for CVE-2021-37184. Please refer to the official reference for more information.
- collector/nvd-index
- vendor/siemens
- canonical/siemens industrial edge management