CVE-2021-43394
CRITICALUnisys OS 2200 Messaging Integration Services - Auth Bypass
Title source: llmDescription
Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=66
Scores
CVSS v3
9.8
EPSS
0.0117
EPSS Percentile
63.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (4)
unisys/messaging_integration_services
7r3b_ic3
unisys/messaging_integration_services
7r3b_ic4
unisys/messaging_integration_services
7r3c
unisys/messaging_integration_services
7r3d
Published
Jan 24, 2022
Tracked Since
Feb 18, 2026