4.3
CVE-2021-22769
- EPSS 0.23%
- Veröffentlicht 11.06.2021 16:15:10
- Zuletzt bearbeitet 21.11.2024 05:50:37
- Quelle cybersecurity@se.com
- Teams Watchlist Login
- Unerledigt Login
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Easergy T300 Firmware Version <= 2.7.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.425 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-552 Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.