NVD - CVE-2021-23849

Vulnerability Change Records for CVE-2021-23849

Change History

Initial Analysis by NIST 8/12/2021 12:20:08 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:aviotec_firmware:7.61::::::: cpe:2.3:o:bosch:aviotec_firmware:7.72::::::: OR cpe:2.3:h:bosch:aviotec:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp13_firmware:7.75::::::: OR cpe:2.3:h:bosch:cpp13:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp14_firmware:8.00::::::: OR cpe:2.3:h:bosch:cpp14:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp4_firmware:7.10::::::: OR cpe:2.3:h:bosch:cpp4:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp6_firmware:7.60::::::: cpe:2.3:o:bosch:cpp6_firmware:7.61::::::: cpe:2.3:o:bosch:cpp6_firmware:7.70::::::: cpe:2.3:o:bosch:cpp6_firmware:7.80::::::: OR cpe:2.3:h:bosch:cpp6:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp7.3_firmware:7.60::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.61::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.62::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.70::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.72::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.73::::::: cpe:2.3:o:bosch:cpp7.3_firmware:7.80::::::: OR cpe:2.3:h:bosch:cpp7.3:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:bosch:cpp7_firmware:7.60::::::: cpe:2.3:o:bosch:cpp7_firmware:7.61::::::: cpe:2.3:o:bosch:cpp7_firmware:7.70::::::: cpe:2.3:o:bosch:cpp7_firmware:7.72::::::: cpe:2.3:o:bosch:cpp7_firmware:7.80::::::: OR cpe:2.3:h:bosch:cpp7:-:::::::*
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-352
Changed	Reference Type	https://psirt.bosch.com/security-advisories/bosch-sa-033305-bt.html No Types Assigned	https://psirt.bosch.com/security-advisories/bosch-sa-033305-bt.html Vendor Advisory