- Description
- A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
- Source
- cybersecurity@se.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
- cybersecurity@se.com
- CWE-552
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:easergy_t300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "45E6C3FA-001D-449A-A512-327FA0C9AC5A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:easergy_t300_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E07AFED6-47CC-4A19-80DB-C537F4F07736",
"versionEndIncluding": "2.7.1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]