CVE-2021-22701
Published Feb 19, 2021
Last updated 3 years ago
Overview
- Description
- A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.
- Source
- cybersecurity@se.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.5
- Impact score
- 3.6
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- cybersecurity@se.com
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion7400_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCE7015C-02DD-44A1-ADEE-5E71CE312266",
"versionEndExcluding": "3.0.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion7400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C8F28EAA-FC60-4CE0-BD39-DFD3EB88E195"
},
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion7410:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C23FEAFC-9F15-4214-BF9C-A33130362110"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion7650_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1647241-A18D-4E4C-A118-8809EA625FC7"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion7650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0DF2D964-79EF-43F2-9AC6-D263F75BAFA0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8600_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB6B0276-AB51-4B8F-B2A7-85EDD56C9E7C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8600:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "324CF58A-753C-4D9C-8E72-FC8EE26EDA0D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8650_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D91486A-36CD-49A9-8A45-EDAA75F05E50",
"versionEndIncluding": "4.31.2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8650:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FBC3A306-D4F4-4C2A-9D60-DD8F0826AEEC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8800_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C95DCE16-BAA5-46DD-835B-2299376387CD"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "46E8E79E-6DA7-4094-9622-3B91D5913493"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion9000_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32067EA8-5153-4A00-9DE8-C4BEC42C00A6",
"versionEndExcluding": "3.0.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion9000:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6718EAAA-074D-4807-AC2D-DD0A06D397FB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_pm8000_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5A75862-E1AC-4C6E-83AD-DE5FCD8BA50D",
"versionEndExcluding": "3.0.0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_pm8000:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B16A7BEC-1BED-4A61-A6C9-BF7DB13B998C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8300_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1047C892-B7F5-49FB-AB36-8E8061A58037"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F01E9FE2-4110-4A6D-99F3-49784808D951"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8400_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70BAC583-6101-4F26-A264-26E5D69E9188"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "82527983-6167-4D7B-A70A-D1A814ED3D06"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8500_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "768FB179-B6D7-457C-9795-310400460F6E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "75E37742-CFF9-4F80-9B6A-0D4F5AD23112"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]