CVE-2021-31791 — HIGH (7.5)

Q: What is CVE-2021-31791?

CVE-2021-31791 is a vulnerability with a CVSS score of 7.5 (HIGH). In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a command.

Q: How severe is CVE-2021-31791?

CVE-2021-31791 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-31791?

Check the references section above for vendor advisories and patch information. Affected products include: Sentrysoftware Hardware Sentry Km For Bmc Patrol.

Vulnerability Description

In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a command.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Sentrysoftware	Hardware Sentry Km For Bmc Patrol	< 10.0.01

Related Weaknesses (CWE)

CWE-312

References

https://www.sentrysoftware.com/library/releaseNotes/index.html?hardwaresentrykmfRelease NotesVendor Advisory
https://www.sentrysoftware.com/library/releaseNotes/index.html?hardwaresentrykmfRelease NotesVendor Advisory

FAQ

What is CVE-2021-31791?

CVE-2021-31791 is a vulnerability with a CVSS score of 7.5 (HIGH). In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext password may be discovered after a failure or timeout of a command.

How severe is CVE-2021-31791?

CVE-2021-31791 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-31791?

Check the references section above for vendor advisories and patch information. Affected products include: Sentrysoftware Hardware Sentry Km For Bmc Patrol.