Gryphonconnect - Gryphon Tower CVE

Filtered by vendor Gryphonconnect Subscribe

Filtered by product Gryphon Tower

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-20146	1 Gryphonconnect	2 Gryphon Tower, Gryphon Tower Firmware	2021-12-13	10.0 HIGH	9.8 CRITICAL
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services.

Vulnerabilities (CVE)