{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T07:36:40.687","vulnerabilities":[{"cve":{"id":"CVE-2021-32997","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-05-25T14:15:08.517","lastModified":"2024-11-21T06:08:05.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060\/00 versions 6.98 and prior, 3500 System 1, Part No. 3071\/xx & 3072\/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500\/22M Firmware, Part No. 288055-01 versions 5.05 and prior) utilize a weak encryption algorithm for storage and transmission of sensitive data, which may allow an attacker to more easily obtain credentials used for access."},{"lang":"es","value":"Los productos Baker Hughes Bentley Nevada afectados (3500 System 1 6.x, Part No. 3060\/00 versiones 6.98 y anteriores, 3500 System 1, Part No. 3071\/xx & 3072\/xx versiones 21.1 HF1 y anteriores, 3500 Rack Configuration, Part No. 129133-01 versiones 6. 4 y anteriores, y 3500\/22M Firmware, Part No. 288055-01 versiones 5.05 y anteriores) usan un algoritmo de cifrado débil para el almacenamiento y la transmisión de datos confidenciales, lo que puede permitir a un atacante obtener más fácilmente las credenciales usadas para el acceso"}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:L\/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:N\/C:P\/I:N\/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-916"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_1_6.x_\\(3060\\\/00\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"6.98","matchCriteriaId":"5D198966-704F-472F-BDB2-DEEB373BEE97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bakerhughes:bentley_nevada_3500_system_1_6.x_\\(3060\\\/00\\):-:*:*:*:*:*:*:*","matchCriteriaId":"92AFE33B-7B36-4E47-A3D2-58100666A687"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_1_\\(3072\\\/xx\\)_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1","matchCriteriaId":"329219B4-4D50-4E8D-A031-E94625F75C71"},{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_1_\\(3072\\\/xx\\)_firmware:21.1:-:*:*:*:*:*:*","matchCriteriaId":"8A12C1C9-8CF6-404E-891B-08AE58DC0918"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bakerhughes:bentley_nevada_3500_system_1_\\(3072\\\/xx\\):-:*:*:*:*:*:*:*","matchCriteriaId":"1242CC0D-91C8-44E3-B9C9-3AD981AE4516"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_1_\\(3071\\\/xx\\)_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1","matchCriteriaId":"BE7806D1-8890-45A7-BF24-C352B8AF086A"},{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_1_\\(3071\\\/xx\\)_firmware:21.1:-:*:*:*:*:*:*","matchCriteriaId":"2791BCC7-4440-4EF0-965B-9BE892CE94BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bakerhughes:bentley_nevada_3500_system_1_\\(3071\\\/xx\\):-:*:*:*:*:*:*:*","matchCriteriaId":"7A606BE6-A5AE-41F4-997F-07293E30BB8E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500\\\/22m_\\(288055-01\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.05","matchCriteriaId":"1DDD7FD6-0200-43B8-A5C1-AAF5CA75D47E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bakerhughes:bentley_nevada_3500\\\/22m_\\(288055-01\\):-:*:*:*:*:*:*:*","matchCriteriaId":"2A328241-DE36-4822-9D2C-BE96E708B2C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bakerhughes:bentley_nevada_3500_rack_configuration_\\(129133-01\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"6.4","matchCriteriaId":"B40E649D-AE52-49A9-9D96-D39538650C38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bakerhughes:bentley_nevada_3500_rack_configuration_\\(129133-01\\):-:*:*:*:*:*:*:*","matchCriteriaId":"C683EA5A-7C17-4F64-9A7D-F15A5FA9E35A"}]}]}],"references":[{"url":"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-21-231-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https:\/\/www.cisa.gov\/uscert\/ics\/advisories\/icsa-21-231-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}