← Voltar para CVEs
CVE-2021-22769
MEDIUM4.3
Descricao
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
Detalhes CVE
Pontuacao CVSS v3.14.3
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado6/11/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
schneider-electric:easergy_t300schneider-electric:easergy_t300_firmware
Fraquezas (CWE)
CWE-552
Referencias
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02(cybersecurity@se.com)
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.