How severe is CVE-2021-41503?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2021-41503?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2021-41503 - HIGH Severity | CVSS 8

Vulnerability Description

DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command interface allows attack vectors that may compromise the cameras configuration and allow malicious users on the LAN to access the device. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Related Vulnerabilities

CVE-2020-10916

HIGH

CVSS:8.0(High)

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Alt...

CWE-2872020

CVE-2020-18305

HIGH

CVSS:8.0(High)

Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escala...

CWE-2872020

CVE-2025-27254

HIGH

CVSS:8.0(High)

Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Windows registry setting that a...

CWE-2872025

CVE-2014-0927

HIGH

CVSS:8.1(High)

The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port ...

CWE-2872014

CVE-2014-3999

HIGH

CVSS:8.1(High)

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

CWE-2872014

CVE-2015-0102

HIGH

CVSS:8.1(High)

IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wit...

CWE-2872015