Unrated severityNVD Advisory· Published Oct 22, 2021· Updated Sep 16, 2024
AUVESY Versiondog
CVE-2021-38459
Description
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database.
Affected products
1- Range: All
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- us-cert.cisa.gov/ics/advisories/icsa-21-292-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.