Vulnerabilities > CVE-2021-37184 - Authorization Bypass Through User-Controlled Key vulnerability in Siemens Industrial Edge Management
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
A vulnerability has been identified in Industrial Edge Management (All versions < V1.3). An unauthenticated attacker could change the the password of any user in the system under certain circumstances. With this an attacker could impersonate any valid user on an affected system.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |