CVE-2021-44207

8.1 HIGH

📋 TL;DR

CVE-2021-44207 is a vulnerability in Acclaim USAHERDS software where hard-coded credentials allow attackers to gain unauthorized access. This affects all organizations using USAHERDS versions through 7.4.0.1 for animal health reporting and management.

💻 Affected Systems

Products:
  • Acclaim USAHERDS
Versions: through 7.4.0.1
Operating Systems: Windows (primary deployment)
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing data theft, manipulation of animal health records, and potential ransomware deployment across the entire USAHERDS infrastructure.

🟠 Likely Case

Unauthorized access to sensitive animal health data, potential data exfiltration, and system manipulation affecting reporting accuracy.

🟢 If Mitigated

Limited impact with proper network segmentation and credential rotation, though hard-coded credentials remain a persistent risk.

🌐 Internet-Facing: HIGH if USAHERDS is exposed to the internet, as hard-coded credentials provide easy authentication bypass.
🏢 Internal Only: HIGH even internally, as any compromised internal system could leverage these credentials for lateral movement.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Hard-coded credentials make exploitation trivial; CISA lists this as known exploited.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.4.0.2 or later

Vendor Advisory: https://www.acclaimsystems.com

Restart Required: Yes

Instructions:

1. Contact Acclaim Systems for patch 7.4.0.2 or later.
2. Apply patch following vendor instructions.
3. Restart USAHERDS services.
4. Verify patch application.

🔧 Temporary Workarounds

Network Segmentation

Isolate USAHERDS systems from the internet and restrict internal access to authorized networks only.

Credential Rotation

Change all database and system credentials that may have been exposed via hard-coded values.

🧯 If You Can't Patch

  • Immediately isolate USAHERDS systems from all networks except absolutely required connections
  • Implement strict network monitoring and alerting for unauthorized access attempts to USAHERDS systems

🔍 How to Verify

Check if Vulnerable:

Check USAHERDS version in application interface or configuration files; versions ≤7.4.0.1 are vulnerable.

Check Version:

Check USAHERDS application interface or consult system documentation for version information

Verify Fix Applied:

Verify the version is ≥7.4.0.2 and confirm that authentication with the previously known hard-coded credentials fails.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts followed by successful logins with default credentials
  • Unusual access patterns to USAHERDS databases

Network Indicators:

  • Unexpected connections to USAHERDS database ports from unauthorized sources

SIEM Query:

source="USAHERDS" AND event_type="authentication" AND result="success" AND (user="default" OR user="admin")
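
The first log indicator above (failed attempts followed by a successful login) is a sequence, which a single-event filter cannot express. The following is an added example, not vendor or original page code: it correlates the two per source address, assuming a constructed CSV export that reuses the SIEM query's field names; the column layout, time window and threshold are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample events (not real USAHERDS output); the column layout is an assumption.
SAMPLE_LOG = """\
timestamp,src_ip,user,event_type,result
2024-01-10T08:00:01,10.0.5.20,jsmith,authentication,success
2024-01-10T08:01:10,203.0.113.7,admin,authentication,failure
2024-01-10T08:01:15,203.0.113.7,admin,authentication,failure
2024-01-10T08:01:21,203.0.113.7,admin,authentication,success
2024-01-10T09:30:00,10.0.5.31,admin,authentication,failure
2024-01-10T11:45:00,10.0.5.31,admin,authentication,success
2024-01-10T12:00:00,10.0.5.44,default,query,success
"""

WATCHED_USERS = {"default", "admin"}   # account names taken from the page's SIEM query
WINDOW = timedelta(minutes=5)          # assumed correlation window
MIN_FAILURES = 1                       # assumed threshold


def find_suspicious_logins(log_text, window=WINDOW, min_failures=MIN_FAILURES):
    """Return (timestamp, src_ip, user, failures) for each successful login to a
    watched account preceded by failures from the same source within `window`."""
    recent_failures = {}   # (src_ip, user) -> list of failure timestamps
    alerts = []
    rows = sorted(csv.DictReader(io.StringIO(log_text)), key=lambda r: r["timestamp"])
    for row in rows:
        if row["event_type"] != "authentication" or row["user"] not in WATCHED_USERS:
            continue
        ts = datetime.fromisoformat(row["timestamp"])
        key = (row["src_ip"], row["user"])
        # Drop failures that have aged out of the window.
        fails = [t for t in recent_failures.get(key, []) if ts - t <= window]
        if row["result"] == "failure":
            fails.append(ts)
        elif row["result"] == "success":
            if len(fails) >= min_failures:
                alerts.append((row["timestamp"], row["src_ip"], row["user"], len(fails)))
            fails = []   # a success resets the sequence
        recent_failures[key] = fails
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_logins(SAMPLE_LOG):
        print(alert)
```

The failure at 09:30 and the success at 11:45 from the same source do not alert under the default five-minute window; widen `window` to trade more alerts for coverage of slower attempts.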
