VDE-2021-030 | CERT@VDE

2022-09-07 12:48 (CEST) VDE-2021-030

MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A)

Share: Email | Twitter

ID

VDE-2021-030

Published

2022-09-07 12:48 (CEST)

Last update

2022-09-07 12:48 (CEST)

Vendor(s)

MB connect line GmbH

Product(s)

Article No°	Product Name	Affected Version(s)
	mbCONNECT24	<= 2.11.2
	mymbCONNECT24	<= 2.11.2

Summary

Two issues have been discovered in mymbCONNECT24 and mbCONNECT24 in all versions
including V2.8.0.

Update A, 2022-09-07:

Updated affected versions (and solution) due to incomplete fixes in previous versions

Vulnerabilities

CVE-2021-34575

7.5

Last Update

17. November 2022 10:47

Severity

7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Weakness

Observable Discrepancy (CWE-203)

Summary

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.

Details

nvd.nist.gov

CVE-2021-34574

4.3

Last Update

17. November 2022 10:47

Severity

4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)

Weakness

Incorrect Resource Transfer Between Spheres (CWE-669)

Summary

In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.

Details

nvd.nist.gov

Solution

CVE-2020-34575: Update to >= 2.9.0

Update A, 2022-09-07:

CVE-2020-34574: Update to 2.12.1

Reported by

OTORIO reported the vulnerabilities to MB connect line.

CERT@VDE coordinated.