← Voltar para CVEs
CVE-2021-41543
MEDIUM6.5
Descricao
A vulnerability has been identified in Climatix POL909 (AWB module) (All versions < V11.44), Climatix POL909 (AWM module) (All versions < V11.36). The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access sensitive files.
Detalhes CVE
Pontuacao CVSS v3.16.5
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado3/8/2022
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
siemens:climatix_pol909siemens:climatix_pol909_firmware
Fraquezas (CWE)
CWE-284CWE-532
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-252466.pdf(productcert@siemens.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-252466.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.