CVE-2021-20605

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-20605
Improper Input Validation vulnerability in GOT2000 series GT21 model GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, GT2103-PMBD all versions, GOT SIMPLE series GS21 model GS2110-WTBD all versions, GS2107-WTBD all versions, GS2110-WTBD-N all versions, GS2107-WTBD-N all versions and LE7-40GU-L all versions allows a remote unauthenticated attacker to cause DoS condition of the products by sending specially crafted packets.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-014_en.pdf Vendor Advisory
https://jvn.jp/vu/JVNVU99532713/index.html Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt2107-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt2107-wtbd:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt2107-wtsd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt2107-wtsd:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt2104-rtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt2104-rtbd:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt2104-pmbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt2104-pmbd:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mitsubishielectric:got2000_gt2103-pmbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got2000_gt2103-pmbd:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:mitsubishielectric:got_simple_gs2110-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got_simple_gs2110-wtbd:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:mitsubishielectric:got_simple_gs2107-wtbd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got_simple_gs2107-wtbd:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:mitsubishielectric:got_simple_gs2110-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got_simple_gs2110-wtbd-n:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:mitsubishielectric:got_simple_gs2107-wtbd-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:got_simple_gs2107-wtbd-n:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:mitsubishielectric:le7-40gu-l_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitsubishielectric:le7-40gu-l:-:*:*:*:*:*:*:*
Information

Published : 2021-10-07 14:15

Updated : 2021-10-18 16:51

NVD link : CVE-2021-20605

Mitre link : CVE-2021-20605

JSON object : View

Products Affected

mitsubishielectric

  • got2000_gt2104-rtbd
  • got_simple_gs2110-wtbd-n_firmware
  • got_simple_gs2107-wtbd-n
  • got2000_gt2103-pmbd_firmware
  • got2000_gt2107-wtsd_firmware
  • got2000_gt2103-pmbd
  • le7-40gu-l
  • got2000_gt2107-wtsd
  • got2000_gt2104-rtbd_firmware
  • got_simple_gs2110-wtbd
  • got2000_gt2104-pmbd
  • le7-40gu-l_firmware
  • got_simple_gs2107-wtbd-n_firmware
  • got2000_gt2107-wtbd_firmware
  • got_simple_gs2110-wtbd_firmware
  • got_simple_gs2107-wtbd_firmware
  • got_simple_gs2107-wtbd
  • got_simple_gs2110-wtbd-n
  • got2000_gt2107-wtbd
  • got2000_gt2104-pmbd_firmware
CWE
CWE-20

Improper Input Validation