How severe is CVE-2021-32496?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2021-32496?

This is classified as CWE-326, which is a common weakness in software security.

CVE-2021-32496 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength vulnerability concerning the internal SSH interface solely used by SICK for recovering returned devices. The use of weak ciphers make it easier for an attacker to break the security that protects information transmitted from the client to the SSH server, assuming the attacker has access to the network on which the device is connected. This can increase the risk that encryption will be compromised, leading to the exposure of sensitive user information and man-in-the-middle attacks.

Related Vulnerabilities

CVE-2014-0841

MEDIUM

CVSS:5.3(Medium)

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-forc...

CWE-3262014

CVE-2017-2391

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are aff...

CWE-3262017

CVE-2017-5160

MEDIUM

CVSS:5.3(Medium)

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The software will connect via Transport Layer Security withou...

CWE-3262017

CVE-2018-1466

MEDIUM

CVSS:5.3(Medium)

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weak...

CWE-3262018

CVE-2018-1593

MEDIUM

CVSS:5.3(Medium)

IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due to missing file checksums. IBM X-Force ID: 143568.

CWE-3262018

CVE-2018-4839

MEDIUM

CVSS:5.3(Medium)

A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Etherne...

CWE-3262018