CVE-2021-22769
Published Jun 11, 2021
Last updated 3 years ago
Overview
- Description
- A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
- Source
- cybersecurity@se.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- cybersecurity@se.com
- CWE-552
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:easergy_t300:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "45E6C3FA-001D-449A-A512-327FA0C9AC5A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:easergy_t300_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E07AFED6-47CC-4A19-80DB-C537F4F07736",
"versionEndIncluding": "2.7.1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]