CVE-2021-32010

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-32010
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. This issue affects: Secomea SiteManager All versions prior to 9.7. Secomea LinkManager versions prior to 9.7. Secomea GateManager versions prior to 9.7.

5.6 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.secomea.com/support/cybersecurity-advisory/ Vendor Advisory
https://www.secomea.com/support/cybersecurity-advisory/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*

Configuration 10 (hide)

cpe:2.3:a:secomea:linkmanager:*:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:secomea:gatemanager_4250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_4250:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:secomea:gatemanager_4260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_4260:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:secomea:gatemanager_8250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_8250:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:secomea:gatemanager_9250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_9250:-:*:*:*:*:*:*:*
History

21 Nov 2024, 06:06

Type Values Removed Values Added
CVSS v2 : 6.8
v3 : 8.1 		v2 : 6.8
v3 : 5.6
References () https://www.secomea.com/support/cybersecurity-advisory/ - Vendor Advisory () https://www.secomea.com/support/cybersecurity-advisory/ - Vendor Advisory

11 May 2022, 18:43

Type Values Removed Values Added
References (MISC) https://www.secomea.com/support/cybersecurity-advisory/ - (MISC) https://www.secomea.com/support/cybersecurity-advisory/ - Vendor Advisory
CWE CWE-326
CVSS v2 : unknown
v3 : unknown 		v2 : 6.8
v3 : 8.1
CPE cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*
cpe:2.3:o:secomea:gatemanager_4260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_4250:-:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_4260:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_8250:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:gatemanager_9250:-:*:*:*:*:*:*:*
cpe:2.3:o:secomea:gatemanager_9250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:secomea:linkmanager:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:gatemanager_8250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:gatemanager_4250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*
cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*

04 May 2022, 15:35

Type Values Removed Values Added
New CVE
Information

Published : 2022-05-04 14:15

Updated : 2024-11-21 06:06

NVD link : CVE-2021-32010

Mitre link : CVE-2021-32010

CVE.ORG link : CVE-2021-32010

JSON object : View

Products Affected

secomea

  • gatemanager_4250_firmware
  • sitemanager_3339_firmware
  • gatemanager_4260
  • sitemanager_1149_firmware
  • sitemanager_1149
  • linkmanager
  • sitemanager_3339
  • sitemanager_1139_firmware
  • gatemanager_9250
  • sitemanager_3529_firmware
  • sitemanager_1129_firmware
  • sitemanager_3329_firmware
  • sitemanager_3529
  • gatemanager_8250_firmware
  • sitemanager_1129
  • sitemanager_3349_firmware
  • sitemanager_3539_firmware
  • gatemanager_4260_firmware
  • sitemanager_1139
  • sitemanager_3549_firmware
  • gatemanager_8250
  • gatemanager_4250
  • sitemanager_3349
  • sitemanager_3549
  • gatemanager_9250_firmware
  • sitemanager_3539
  • sitemanager_3329
CWE
CWE-326

Inadequate Encryption Strength