7.5
CVE-2021-22766
- EPSS 1.08%
- Veröffentlicht 11.06.2021 16:15:10
- Zuletzt bearbeitet 21.11.2024 05:50:37
- Quelle cybersecurity@se.com
- CVE-Watchlists
- Unerledigt
LoginA CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service via a specially crafted HTTP packet
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Powerlogic Egx100 Firmware Version >= 3.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.08% | 0.771 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.