CVE-2021-43978

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:allegro:allegro:3.3.4152.0:*:*:*:*:windows:*:*

History

21 Nov 2024, 06:30

Type Values Removed Values Added
References () https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 - Patch, Third Party Advisory () https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 - Patch, Third Party Advisory
References () https://www.allegro.be/ - Vendor Advisory () https://www.allegro.be/ - Vendor Advisory
CVSS v2 : 5.5
v3 : 8.1
v2 : 5.5
v3 : 7.1

13 Dec 2021, 17:18

Type Values Removed Values Added
CWE CWE-522
CPE cpe:2.3:a:allegro:allegro:3.3.4152.0:*:*:*:*:windows:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 5.5
v3 : 8.1
References (MISC) https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 - (MISC) https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 - Patch, Third Party Advisory
References (MISC) https://www.allegro.be/ - (MISC) https://www.allegro.be/ - Vendor Advisory

08 Dec 2021, 19:26

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-08 19:15

Updated : 2024-11-21 06:30


NVD link : CVE-2021-43978

Mitre link : CVE-2021-43978

CVE.ORG link : CVE-2021-43978


JSON object : View

Products Affected

allegro

  • allegro
CWE
CWE-522

Insufficiently Protected Credentials