Unrated severityNVD Advisory· Published Jun 18, 2021· Updated Sep 16, 2024

B426 Credential Disclosure

CVE-2021-23846

Description

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Bosch/Security System Firmwarellm-create
Range: < 3.11.5
Bosch/B426 Firmwarecpe-rescue
Range: 03.01.0004

Patches

Vulnerability mechanics

References

psirt.bosch.com/security-advisories/bosch-sa-196933-bt.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000