← Back to CVEs
CVE-2021-22769
MEDIUM4.3
Description
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
CVE Details
CVSS v3.1 Score4.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
Published6/11/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
schneider-electric:easergy_t300schneider-electric:easergy_t300_firmware
Weaknesses (CWE)
CWE-552
References
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02(cybersecurity@se.com)
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.