How severe is CVE-2021-43774?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2021-43774?

This is classified as CWE-327, which is a common weakness in software security.

CVE-2021-43774

MEDIUM Year: 2021

CVSS v3 Score

4.9

Medium

CVSS v2 Score

3.5

Low

Weakness Type

CWE-327

View all →

Vulnerability Description

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker that obtained access to the administrative web interface of a printer (e.g., by using the default credentials) can download the address book file, which contains the list of users (domain users, FTP users, etc.) stored on the printer, together with their encrypted passwords. The passwords are protected by a weak cipher, such as ROT13, which requires minimal effort to instantly retrieve the original password, giving the attacker a list of valid domain or FTP usernames and passwords.

CVE-2018-5745

MEDIUM

CVSS:4.9(Medium)

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed...

CWE-3272018

CVE-2024-10128

MEDIUM

CVSS:4.9(Medium)

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads ...

CWE-3272024

CVE-2024-20070

MEDIUM

CVSS:5.1(Medium)

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak...

CWE-3272024

CVE-2017-14937

MEDIUM

CVSS:4.7(Medium)

The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector). This affects the airbag control units...

CWE-3272017

CVE-2019-15795

MEDIUM

CVSS:4.7(Medium)

python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle ...

CWE-3272019

CVE-2021-36647

MEDIUM

CVSS:4.7(Medium)

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to pre...

CWE-3272021

CVE-2021-43774

Vulnerability Description

Related Vulnerabilities

CVE-2018-5745

CVE-2024-10128

CVE-2024-20070

CVE-2017-14937

CVE-2019-15795

CVE-2021-36647