CVE-2021-44564 (GCVE-0-2021-44564)

Vulnerability from cvelistv5 – Published: 2022-01-06 11:53 – Updated: 2024-08-04 04:25
VLAI?
Summary
A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products).
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:25:16.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.kalkitech.com/cybersecurity/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-06T11:53:39.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.kalkitech.com/cybersecurity/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-44564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.kalkitech.com/cybersecurity/",
              "refsource": "MISC",
              "url": "https://www.kalkitech.com/cybersecurity/"
            },
            {
              "name": "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf",
              "refsource": "MISC",
              "url": "https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-44564",
    "datePublished": "2022-01-06T11:53:39.000Z",
    "dateReserved": "2021-12-06T00:00:00.000Z",
    "dateUpdated": "2024-08-04T04:25:16.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-44564",
      "date": "2026-05-08",
      "epss": "0.00476",
      "percentile": "0.64974"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync241-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"88D85FB1-6FF7-4D55-A26A-352B7EB03722\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync241-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B1AA2BC-CA0A-4028-90D1-547CB0031389\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync241-m2_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"911A0B2D-5290-42C5-9877-160B20F4D9AD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync241-m2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72558BCA-8D30-4842-BA8A-51BB4D26915C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync241-m4_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"D39E14B2-2C63-42FE-ABF3-6016E4F41432\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync241-m4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32E82DDF-D777-44DC-8FBF-C3F04663F9A9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync261-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"FFFF582F-D51E-428A-B00E-1F8519FC609A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync261-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3B18F41-ED50-42D3-B9D4-3DEF640EE228\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2000-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"F52CE9C4-7586-4342-8EB4-4F8E6E514A69\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2000-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A971040A-55A6-4833-8750-AF1870452FD6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2000-m2_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"AE688854-F15C-4617-BBF5-ABB08CD8304C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2000-m2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEA1AC32-480A-4FF1-8A01-5B59B2D5C139\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2000-m4_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"D164D066-98FB-4326-9BCE-D1AC32F02011\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2000-m4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06578C60-4641-4B0D-8CD3-C1F10A56C1E8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2101-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"317C3804-E08B-4EC3-9DCA-C34758A6488F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2101-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74E4360A-504B-46DE-B94A-6055B16AA697\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2101-m2_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"615A140F-1611-4170-BE74-E0A8AFA1E1F8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2101-m2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5C62DCF-E364-4EA1-B82C-531BDB45570A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2101-m6_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"EAC44331-522B-49A7-BC5E-DD3A072F9453\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2101-m6:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1AC7FC0-6572-463D-A325-51AC5B7F8E6C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2101-m7_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"DAB56747-F98E-4064-A228-8C383384702B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2101-m7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4F70EF2-3CDA-40C0-8683-19D74C202ACF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2101-m8_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"A7FD3B17-A78B-4CCD-965C-29DCEAFB41FC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2101-m8:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"231542BD-36DD-4B36-A8A9-9E4FA740E04B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2111-m2_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"64050E57-2E3A-4752-90FC-4F0415F83641\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2111-m2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E004F8-D287-43A2-AF98-0269DAA3DA24\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync2111-m3_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"6C7FE851-E9D8-4ADE-A57A-D869BB8CF386\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync2111-m3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"550A1D61-948A-48CE-9900-CE86FE2E3347\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync3000-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"D05C9788-A6D1-458B-A926-706FCD175FEB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync3000-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F51E3F9-E8D7-4BF6-B435-F6926B4E2A6B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync3000-m2_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"F410F404-6ECA-4303-94B3-D223D78B85F8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync3000-m2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0595CA0-9FAA-4FA2-8598-E6C5BE144055\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync3000-m3_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"F141A804-2F76-4AC3-8872-3AF1A7E0257F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync3000-m3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D704951-FA3B-4829-96A2-5EA36075DFF8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync3000-m4_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"626BCE19-E438-4ADE-9771-671B687FF0C8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync3000-m4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"727E9705-10AF-4889-823A-7EFC7C520410\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync3000-m12_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"9BDF76E6-3116-4AD2-BF74-E05757779507\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync3000-m12:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"120D54D9-B91A-405E-834C-4091C333541C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:kalkitech:sync221-m1_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.15.3\", \"matchCriteriaId\": \"E5665FBD-37BE-4F60-B6B4-D67C1798B3B3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:kalkitech:sync221-m1:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"735A8425-DA8A-4787-BBD5-1CBE83421D1E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products).\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de seguridad reportada originalmente en el producto SYNC2101, y aplicable a subfamilias espec\\u00edficas de dispositivos SYNC, permite a un atacante descargar el archivo de configuraci\\u00f3n usado en el dispositivo y aplicar un archivo de configuraci\\u00f3n modificado al dispositivo. El ataque requiere el acceso a la red del dispositivo SYNC y el conocimiento de su direcci\\u00f3n IP. El ataque aprovecha el canal de comunicaci\\u00f3n no seguro usado entre la herramienta de administraci\\u00f3n Easyconnect y el dispositivo SYNC (en la familia de productos SYNC afectados).\"}]",
      "id": "CVE-2021-44564",
      "lastModified": "2024-11-21T06:31:13.317",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-01-06T12:15:08.190",
      "references": "[{\"url\": \"https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.kalkitech.com/cybersecurity/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.kalkitech.com/cybersecurity/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-44564\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-01-06T12:15:08.190\",\"lastModified\":\"2024-11-21T06:31:13.317\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security vulnerability originally reported in the SYNC2101 product, and applicable to specific sub-families of SYNC devices, allows an attacker to download the configuration file used in the device and apply a modified configuration file back to the device. The attack requires network access to the SYNC device and knowledge of its IP address. The attack exploits the unsecured communication channel used between the administration tool Easyconnect and the SYNC device (in the affected family of SYNC products).\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de seguridad reportada originalmente en el producto SYNC2101, y aplicable a subfamilias espec\u00edficas de dispositivos SYNC, permite a un atacante descargar el archivo de configuraci\u00f3n usado en el dispositivo y aplicar un archivo de configuraci\u00f3n modificado al dispositivo. El ataque requiere el acceso a la red del dispositivo SYNC y el conocimiento de su direcci\u00f3n IP. El ataque aprovecha el canal de comunicaci\u00f3n no seguro usado entre la herramienta de administraci\u00f3n Easyconnect y el dispositivo SYNC (en la familia de productos SYNC afectados).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync241-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"88D85FB1-6FF7-4D55-A26A-352B7EB03722\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync241-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B1AA2BC-CA0A-4028-90D1-547CB0031389\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync241-m2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"911A0B2D-5290-42C5-9877-160B20F4D9AD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync241-m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72558BCA-8D30-4842-BA8A-51BB4D26915C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync241-m4_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"D39E14B2-2C63-42FE-ABF3-6016E4F41432\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync241-m4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E82DDF-D777-44DC-8FBF-C3F04663F9A9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync261-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"FFFF582F-D51E-428A-B00E-1F8519FC609A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync261-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3B18F41-ED50-42D3-B9D4-3DEF640EE228\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2000-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"F52CE9C4-7586-4342-8EB4-4F8E6E514A69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2000-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A971040A-55A6-4833-8750-AF1870452FD6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2000-m2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"AE688854-F15C-4617-BBF5-ABB08CD8304C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2000-m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA1AC32-480A-4FF1-8A01-5B59B2D5C139\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2000-m4_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"D164D066-98FB-4326-9BCE-D1AC32F02011\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2000-m4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06578C60-4641-4B0D-8CD3-C1F10A56C1E8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2101-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"317C3804-E08B-4EC3-9DCA-C34758A6488F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2101-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74E4360A-504B-46DE-B94A-6055B16AA697\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2101-m2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"615A140F-1611-4170-BE74-E0A8AFA1E1F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2101-m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5C62DCF-E364-4EA1-B82C-531BDB45570A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2101-m6_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"EAC44331-522B-49A7-BC5E-DD3A072F9453\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2101-m6:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1AC7FC0-6572-463D-A325-51AC5B7F8E6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2101-m7_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"DAB56747-F98E-4064-A228-8C383384702B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2101-m7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4F70EF2-3CDA-40C0-8683-19D74C202ACF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2101-m8_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"A7FD3B17-A78B-4CCD-965C-29DCEAFB41FC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2101-m8:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"231542BD-36DD-4B36-A8A9-9E4FA740E04B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2111-m2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"64050E57-2E3A-4752-90FC-4F0415F83641\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2111-m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E004F8-D287-43A2-AF98-0269DAA3DA24\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync2111-m3_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"6C7FE851-E9D8-4ADE-A57A-D869BB8CF386\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync2111-m3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"550A1D61-948A-48CE-9900-CE86FE2E3347\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync3000-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"D05C9788-A6D1-458B-A926-706FCD175FEB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync3000-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F51E3F9-E8D7-4BF6-B435-F6926B4E2A6B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync3000-m2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"F410F404-6ECA-4303-94B3-D223D78B85F8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync3000-m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0595CA0-9FAA-4FA2-8598-E6C5BE144055\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync3000-m3_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"F141A804-2F76-4AC3-8872-3AF1A7E0257F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync3000-m3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D704951-FA3B-4829-96A2-5EA36075DFF8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync3000-m4_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"626BCE19-E438-4ADE-9771-671B687FF0C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync3000-m4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"727E9705-10AF-4889-823A-7EFC7C520410\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync3000-m12_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"9BDF76E6-3116-4AD2-BF74-E05757779507\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync3000-m12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"120D54D9-B91A-405E-834C-4091C333541C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:kalkitech:sync221-m1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.15.3\",\"matchCriteriaId\":\"E5665FBD-37BE-4F60-B6B4-D67C1798B3B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:kalkitech:sync221-m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"735A8425-DA8A-4787-BBD5-1CBE83421D1E\"}]}]}],\"references\":[{\"url\":\"https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kalkitech.com/cybersecurity/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://kalkitech.com/wp-content/uploads/CYB_33631_Advisory.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kalkitech.com/cybersecurity/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.