Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2022-21800 : What You Need to Know

Learn about CVE-2022-21800 affecting Airspan Networks MMP, PTP C-series, and PTMP C-series, how attackers could exploit the vulnerability, and steps to prevent password compromise.

Airspan Networks Mimosa Use of a Broken or Risky Cryptographic Algorithm

Understanding CVE-2022-21800

This CVE identifies vulnerabilities in multiple products of Airspan Networks, including MMP, PTP C-series, and PTMP C-series and A5x.

What is CVE-2022-21800?

The affected versions of these products use the MD5 algorithm to hash passwords without salting, making it possible for attackers to crack hashed passwords.

The Impact of CVE-2022-21800

The vulnerability poses a medium-severity risk with high confidentiality impact, potentially allowing attackers to compromise passwords.

Technical Details of CVE-2022-21800

Vulnerability Description

Airspan Networks devices store passwords hashed with MD5 algorithm without salting, exposing them to potential cracking by malicious actors.

Affected Systems and Versions

        MMP: All versions prior to v1.0.3
        PTP C-series: Versions prior to v2.8.6.1
        PTMP C-series and A5x: Versions prior to v2.5.4.1

Exploitation Mechanism

Attackers can exploit this vulnerability by leveraging the weak hashing mechanism to extract stored passwords.

Mitigation and Prevention

Immediate Steps to Take

Airspan Networks recommends users to update to the following versions:

        MMP: Version 1.0.4 or later
        PTP C5x and C5c: Version 2.90 or later
        PTMP C-series and A5x: Version 2.9.0 or later

Long-Term Security Practices

Ensure passwords are securely hashed and implement additional security measures to protect against password cracking attempts.

Patching and Updates

Regularly update Airspan Networks products to the latest recommended versions to mitigate the vulnerability.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now