Unrated severityNVD Advisory· Published Aug 2, 2021· Updated Sep 16, 2024
Password policy evasion in products of MB connect line and Helmholz
CVE-2021-34574
Description
In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7<=2.11.2+ 3 more
- (no CPE)range: <=2.11.2
- (no CPE)range: <=2.11.2
- (no CPE)range: 2
- (no CPE)range: 2
- Range: 2
Patches
Vulnerability mechanics
References
2- cert.vde.com/en/advisories/VDE-2021-030mitrex_refsource_CONFIRM
- cert.vde.com/en/advisories/VDE-2022-039mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.