CVE-2021-35979 (GCVE-0-2021-35979)
Vulnerability from cvelistv5
Published
2021-10-08 14:21
Modified
2024-08-04 00:47
Severity ?
CWE
  • n/a
Summary
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:47:42.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Digi RealPort through 4.8.488.0. The \u0027encrypted\u0027 mode is vulnerable to man-in-the-middle attacks and does not perform authentication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-08T14:21:22",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-35979",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Digi RealPort through 4.8.488.0. The \u0027encrypted\u0027 mode is vulnerable to man-in-the-middle attacks and does not perform authentication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt",
              "refsource": "MISC",
              "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-35979",
    "datePublished": "2021-10-08T14:21:22",
    "dateReserved": "2021-06-30T00:00:00",
    "dateUpdated": "2024-08-04T00:47:42.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-35979\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-10-08T15:15:08.917\",\"lastModified\":\"2024-11-21T06:12:52.853\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Digi RealPort through 4.8.488.0. The \u0027encrypted\u0027 mode is vulnerable to man-in-the-middle attacks and does not perform authentication.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un problema en Digi RealPort versiones hasta 4.8.488.0. El modo \\\"encrypted\\\" es vulnerable a los ataques de tipo man-in-the-middle y no lleva a cabo la autenticaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digi:realport:*:*:*:*:*:linux:*:*\",\"versionEndIncluding\":\"1.9-40\",\"matchCriteriaId\":\"D59A75BB-9159-4631-BC71-39969604EB41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digi:realport:*:*:*:*:*:windows:*:*\",\"versionEndIncluding\":\"4.8.488.0\",\"matchCriteriaId\":\"4051C215-7A7D-44AF-8194-ABB054C8C0AA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:connectport_ts_8\\\\/16_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF9EA753-1CAC-4A67-B856-3C10C5B4B46D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:connectport_ts_8\\\\/16:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E90551D8-A6FF-40EE-BE92-C60D3CCF9FD6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:connectport_lts_8\\\\/16\\\\/32_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61EB8CA2-2B8B-454B-A626-F62D0FE5CD9A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:connectport_lts_8\\\\/16\\\\/32:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0620D1B-2856-4EDC-9BD4-F450375EF2B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:passport_integrated_console_server_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2115058-245C-4FF7-97BB-67BA9C109B0D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:passport_integrated_console_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"445C5BA3-6733-40C8-B895-D9AED69F6825\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:cm_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC630FB9-26EE-4287-A140-9C29D583E672\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:cm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A9DDFA4-8F21-47E4-97D0-3B135072E273\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:portserver_ts_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D816746-F642-49BE-8C29-FCC39FB9684A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:portserver_ts:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE6377CC-097B-4775-9964-338A3CFA87CA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:portserver_ts_mei_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAFB437A-6204-43CF-8567-6B271C8A6A53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:portserver_ts_mei:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8206DA8-2823-4116-9E76-975C9A3F2EF7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:portserver_ts_mei_hardened_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ED9E7D9-03F9-4707-9A84-B94F4B47C940\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:portserver_ts_mei_hardened:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"817E2152-5A72-4B88-A1A1-8CFEFA134979\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:portserver_ts_m_mei_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BA6165-F33E-4D34-A4E2-B658601A87F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:portserver_ts_m_mei:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC7BF4B-3C56-44B2-8933-E24ACCA000E1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:6350-sr_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77B38406-6CF6-4E03-8637-E3A34E652887\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:6350-sr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"511A91D4-E530-4DAB-8D27-1171D3580DC5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:portserver_ts_p_mei_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E98CE064-C7CE-44BB-867F-C1589BF53FA5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:portserver_ts_p_mei:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C711FEFA-0A37-4B97-AAC0-D0330D9F5E55\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:transport_wr11_xt_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D678EC7F-5B4F-4CE5-83EE-8BB496011D02\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:transport_wr11_xt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10850ACB-E28F-4AC7-ABA0-EDFF2D2F9EF6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:one_iap_family_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59992E4A-F342-4EE0-8050-BEA624A92640\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:one_iap_family:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE6848E4-F446-4D2D-9D01-9B9C23DF203B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:one_ia_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E04D204A-CEA9-4A2C-9E08-6315007384B0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:one_ia:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BE8C4FB-9DB5-4A32-8EFC-69B746BF2E33\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:wr31_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED6848D4-90FB-4916-B5FF-7194BE75041E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:wr31:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9F02872-5C53-419B-902C-4906E546C8B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:wr44_r_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED26070C-69AD-4549-9F13-9FF7AA3B3AFF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:wr44_r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F5E08FD-5872-4E42-BDA7-2B15CF49C06D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:connect_es_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70664D1E-6E97-488E-BF8E-4C36C02D162B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:connect_es:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF02532-005E-4246-AA51-DAC2EA1726FF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:digi:wr21_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2BE2DA9-A83A-48FA-A3BB-0E8E2FCB959C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:digi:wr21:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EC0E5E9-FBFE-4C99-9C68-6322B255BE88\"}]}]}],\"references\":[{\"url\":\"https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.