How severe is CVE-2021-22741?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2021-22741?

This is classified as CWE-916, which is a common weakness in software security.

CVE-2021-22741 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials when server database files are available. Exposure of these files to an attacker can make the system vulnerable to password decryption attacks. Note that “.sde” configuration export files do not contain user account password hashes.

Related Vulnerabilities

CVE-2021-38400

MEDIUM

CVSS:6.8(Medium)

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse eng...

CWE-9162021

CVE-2022-24041

MEDIUM

CVSS:6.5(Medium)

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All ve...

CWE-9162022

CVE-2025-24340

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users.

CWE-9162025

CVE-2022-47557

MEDIUM

CVSS:6.1(Medium)

Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to...

CWE-9162022

CVE-2002-1657

HIGH

CVSS:7.5(High)

PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

CWE-9162002

CVE-2008-1526

HIGH

CVSS:7.5(High)

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) through 3.40(AHQ.3), do not use a salt when calculating an MD5 password hash, which makes it ea...

CWE-9162008