ECOA Riskbuster
Approved changes feed: RSS · Atom
cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Ecoa (9b3505e1-e942-58fa-a951-d0e6cb7e6512) |
|---|---|
| Product | Riskbuster (66365935-ad0c-5795-b8f3-83e7311296bb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-41302 |
not_vulnerable | 2026-06-08 05:35:20.181565 |
ECOA BAS controller - Missing Encryption of Sensitive Data
HIGH (7.3)
ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely query user password and obtain user’s privilege.
Published: 2021-09-30T10:41:08.156Z
Updated: 2024-09-16T20:21:36.719Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41300 |
not_vulnerable | 2026-06-08 05:35:20.165410 |
ECOA BAS controller - Insufficiently Protected Credentials-2
CRITICAL (9.8)
ECOA BAS controller’s special page displays user account and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality.
Published: 2021-09-30T10:41:05.097Z
Updated: 2024-09-16T23:41:00.205Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41299 |
not_vulnerable | 2026-06-08 05:35:20.157835 |
ECOA BAS controller - Use of Hard-coded Credentials
CRITICAL (9.8)
ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in.
Published: 2021-09-30T10:41:03.577Z
Updated: 2024-09-16T17:22:44.543Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41298 |
not_vulnerable | 2026-06-08 05:35:20.157137 |
ECOA BAS controller - Improper Access Control
HIGH (8.8)
ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user's privilege can remotely bypass authorization and access the hidden resources in the system and execute privileged functionalities.
Published: 2021-09-30T10:41:02.047Z
Updated: 2024-09-16T20:16:40.291Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41297 |
not_vulnerable | 2026-06-08 05:35:20.156428 |
ECOA BAS controller - Insufficiently Protected Credentials-1
HIGH (8.8)
ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain-text.
Published: 2021-09-30T10:41:00.486Z
Updated: 2024-09-16T20:22:39.752Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41296 |
not_vulnerable | 2026-06-08 05:35:20.155539 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41295 |
not_vulnerable | 2026-06-08 05:35:20.154497 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41294 |
not_vulnerable | 2026-06-08 05:35:20.153558 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41293 |
not_vulnerable | 2026-06-08 05:35:20.152941 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41292 |
not_vulnerable | 2026-06-08 05:35:20.152000 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41291 |
not_vulnerable | 2026-06-08 05:35:20.151238 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41290 |
not_vulnerable | 2026-06-08 05:35:20.149479 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.