CVE-2021-33540

Published Jun 25, 2021
Last updated 3 years ago
CVSS high 7.3
Overview

Description: In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
Source: info@cert.vde.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.3
Impact score: 3.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

info@cert.vde.com: CWE-798
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_pn_tps_xc_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFDC5C51-2A75-4523-B561-7ADD50B10BF5",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_pn_tps_xc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5F2CDFFD-35AA-49DA-ACBE-CE32DC223B05"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_pn_tps_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9A41683-F87C-4E06-9FED-12DDA5D0F0B0",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_pn_tps:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA89CC59-6F55-4E57-84BD-36510E0402EB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eip_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4575019C-43A3-4FD8-9C1E-2C782BFF961B",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eip:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA53A30C-92B6-4A33-9BA2-8BAE4414C287"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eip_ef_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB48E1D1-97AD-45ED-93B0-BA728FE06292",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eip_ef:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "204A9634-16B1-4E79-98F5-3CDC91F80196"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eth_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA494FD3-793A-41E7-A00E-18FC0543863A",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eth:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3CA0113D-E784-4EEE-BD17-CE6655968C7B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eth_xc_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA275BB-5831-4339-AD6E-9B0BF35BC6A8",
            "versionEndExcluding": "1.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eth_xc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AE8C0A1A-C282-41D2-AE69-6009DBCC8158"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_s35_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85E7A3AB-6126-4A16-80A7-EBEBB481B064",
            "versionEndExcluding": "1.40"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_s35:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2C8C4B79-993A-4B0F-8ADC-5BAFAA09C511"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_pn_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0C88DC1-31DE-4BDA-999D-2CA41E731FF2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_pn:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A276562B-496A-4E1A-B089-550799A03EDA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_pn_xc_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4ED13A7F-6B7E-4A9C-83A3-B93FE6749AF6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_pn_xc:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C02F408-A2C7-4CA7-ADC0-2AD95D6DE289"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_eth_net2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5232DCDC-ABAD-42BF-9186-C8762D1E2B17"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_eth_net2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CEE8A77-2236-4C1B-A0F9-7F5B57EE3CE0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:axl_f_bk_sas_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94D6E434-B2B0-473A-823D-FBD07213AC59"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:axl_f_bk_sas:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D3A8644B-D526-4FC2-8117-4BEB4C5865B4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_pn_bk-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBFE2876-4E6F-47C0-8580-1675E5FAF0F6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_pn_bk-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C35DC628-2DE5-4AB2-96B6-0E82E515FBFA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_pn_bk_di8_do4_2tx-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E47B691-1A39-4806-A49E-C6E9828FCB01"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_pn_bk_di8_do4_2tx-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2C3496A7-FD97-4CBD-940C-3D2034BF250A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_pn_bk_di8_do4_2scrj-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3543B575-6207-4627-B8E4-A70A9DDE3A25"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_pn_bk_di8_do4_2scrj-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CAE07C63-B9CD-4A66-AA1F-1E99412A8637"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_eth_bk_di8_do4_2tx-xc-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "014BB5B4-21E2-4318-B205-CF962046D359"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_eth_bk_di8_do4_2tx-xc-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "80E91345-BD2A-4441-9496-D360E1052064"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_eth_bk_di8_do4_2tx-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCFC53F5-DBAB-481F-B672-3FD915F44EE6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_eth_bk_di8_do4_2tx-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A88F454-F5A5-4F32-93FC-E9D69968EF66"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_eip_bk_di8_do4_2tx-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BD946B2-2E7F-4EB7-97AD-D7D2F55A64DF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_eip_bk_di8_do4_2tx-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EE2A5646-FC8D-402E-98A1-91EE84601543"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:phoenixcontact:il_s3_bk_di8_do4_2tx-pac_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "403352FC-B0C7-4089-89D8-EB71593EA71A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:phoenixcontact:il_s3_bk_di8_do4_2tx-pac:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "36FC891A-C52C-463A-8144-52F12238FE00"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
