Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-22731 (GCVE-0-2021-22731)
Vulnerability from cvelistv5 – Published: 2021-05-26 19:19 – Updated: 2024-08-03 18:51
VLAI?
EPSS
Summary
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.
Severity ?
No CVSS data available.
CWE
- CWE-640 - Weak Password Recovery Mechanism for Forgotten Password
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior |
Affected:
Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:51:06.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-640",
"description": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T19:19:23.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2021-22731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior",
"version": {
"version_data": [
{
"version_value": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2021-22731",
"datePublished": "2021-05-26T19:19:23.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:51:06.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2021-22731
Vulnerability from fkie_nvd - Published: 2021-05-26 20:15 - Updated: 2024-11-21 05:50
Severity ?
Summary
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.
References
| URL | Tags | ||
|---|---|---|---|
| cybersecurity@se.com | https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesp083f23g0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE56838D-64AB-46F1-BD5F-1A758FFEA86F",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesp083f23g0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76189346-40F5-4AD0-BF60-4ECD6FA3F5C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesp083f23g0t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE8E5A5-31D2-4551-BF04-6CF866C72E48",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesp083f23g0t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1062C777-E64F-4DB7-B74B-87AB50DC00A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm043f23f0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CB244B6-6C64-459C-8829-441CA612AE87",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm043f23f0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1CFDBB-21EF-4627-B2A2-23BF4AF371B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm053f1cu0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DAFBA5A-B9D1-4F15-AF1A-5B0D63A2E66F",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm053f1cu0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "902BE29F-EBC8-4148-B963-C18B97A01B48",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm063f2cu0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA42014-91C2-4939-A227-8A35D49C9046",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm063f2cu0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA5F865-A2D4-4EC5-A8BE-ED7D6FE04594",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm053f1cs0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF47338-DCD8-4446-83A8-3BF3ED31E631",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm053f1cs0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0B52D7-CD51-4193-8671-174551E5DABC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm063f2cs0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C47F14D-8F92-41C6-AC3D-DE337EBC2329",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm063f2cs0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5CFEBC9-3269-45BF-83C9-3E5C98D377B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm083f23f0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2753ECF-8BE6-4D01-BCA6-08670D029B64",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm083f23f0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C8921B-5F6E-4760-B46B-49A652CA3A75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm103f2cu0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B731B68D-5830-4974-A8E7-A90A6BD9F922",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm103f2cu0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC392C4A-0CD6-442F-BC05-0AB70999D0C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm083f23f0h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4430F231-4759-403E-8DD1-3EB92F56B5D1",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm083f23f0h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B869FB07-9FEE-45E6-B48D-9DFF7D773DD3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm103f2cu0h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D00737-1BE3-4CDE-9910-6CBA5F4846BD",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm103f2cu0h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFEBD24-D136-4DD7-B834-008FD707AFBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm103f2cs0h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37BAF0C6-50C8-43FB-A80A-56700BE1063C",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm103f2cs0h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "468C59AC-C017-4B54-B400-769D5A7B0711",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm123f2lg0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B38FA7F5-DC67-4F9B-B2B1-A1D3F42C30A7",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm123f2lg0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "833B82C6-C621-4E41-A80F-A4AB806AB07A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm093f1cu0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DFDE537-2D8F-4F2F-B641-102E60663C84",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm093f1cu0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C09DCE5-2128-4A17-9187-AC0FCE111446",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm093f1cs0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78CCA9C0-277A-4AE2-9FDD-6992F1DC7492",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm093f1cs0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "375DDEF7-9AAF-4973-B72C-BFAB4CF46F5B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:mcsesm103f2cs0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD204C41-8EEA-4847-9712-AA5BBEA5CDEF",
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:mcsesm103f2cs0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF26B84A-0412-4C7A-B96C-9220E21C7A65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad del Mecanismo de Recuperaci\u00f3n de Contrase\u00f1a d\u00e9bil para Contrase\u00f1a Olvidada en Modicon Managed Switch MCSESM* y MCSESP* versiones V8.21 y anteriores, lo que podr\u00eda causar un cambio de contrase\u00f1a no autorizada mediante protocolo HTTP / HTTPS cuando la informaci\u00f3n b\u00e1sica del usuario es conocida por un atacante remoto"
}
],
"id": "CVE-2021-22731",
"lastModified": "2024-11-21T05:50:33.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-26T20:15:08.927",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-640"
}
],
"source": "cybersecurity@se.com",
"type": "Secondary"
}
]
}
GHSA-6Q5V-82V5-MPF9
Vulnerability from github – Published: 2022-05-24 19:03 – Updated: 2022-05-24 19:03
VLAI?
Details
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM and MCSESP V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.
{
"affected": [],
"aliases": [
"CVE-2021-22731"
],
"database_specific": {
"cwe_ids": [
"CWE-640"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-26T20:15:00Z",
"severity": "CRITICAL"
},
"details": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.",
"id": "GHSA-6q5v-82v5-mpf9",
"modified": "2022-05-24T19:03:17Z",
"published": "2022-05-24T19:03:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22731"
},
{
"type": "WEB",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2021-22731
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-22731",
"description": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.",
"id": "GSD-2021-22731"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-22731"
],
"details": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker.",
"id": "GSD-2021-22731",
"modified": "2023-12-13T01:23:24.139867Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2021-22731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior ",
"version": {
"version_data": [
{
"version_value": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesp083f23g0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesp083f23g0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesp083f23g0t_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesp083f23g0t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm043f23f0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm043f23f0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm053f1cu0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm053f1cu0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm063f2cu0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm063f2cu0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm053f1cs0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm053f1cs0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm063f2cs0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm063f2cs0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm083f23f0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm083f23f0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm103f2cu0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm103f2cu0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm083f23f0h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm083f23f0h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm103f2cu0h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm103f2cu0h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm103f2cs0h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm103f2cs0h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm123f2lg0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm123f2lg0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm093f1cu0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm093f1cu0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm093f1cs0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm093f1cs0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:mcsesm103f2cs0_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.22",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:mcsesm103f2cs0:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2021-22731"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-02-01T18:12Z",
"publishedDate": "2021-05-26T20:15Z"
}
}
}
CERTFR-2021-AVI-370
Vulnerability from certfr_avis - Published: 2021-05-12 - Updated: 2021-05-12
De multiples vulnérabilités ont été découvertes dans les produits Schneider. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | EcoStruxure Machine Expert versions antérieures à 2.0 | ||
| N/A | N/A | spaceLYnk versions antérieures à 2.61 (ne corrige pas toutes les vulnérabilités) | ||
| N/A | N/A | Triconex modèle 3009 MP versions Tricon antérieures à 11.8.0 (build 753) | ||
| N/A | N/A | micrologiciel pour Modicon M241/M251 versions antérieures à 5.1.9.14 | ||
| N/A | N/A | TCM 4351B versions Tricon antérieures à 11.5.1 ou 11.7.1 (build 638) | ||
| N/A | N/A | micrologiciel pour Modicon M218/M241/M251/M262, LMC PacDrive Eco/Pro/Pro2, HMISCU Logic Controllers sans le dernier correctif | ||
| N/A | N/A | Harmony STO, STU, GTO, GTU, GTUX, KG configuré par Vijeo Designer versions antérieures à 6.2 SP11 | ||
| N/A | N/A | Modicon Managed Switch MCSESM et MCSESP versions antérieures à 8.22 | ||
| N/A | N/A | homeLYnk versions antérieures à 2.61 (ne corrige pas toutes les vulnérabilités) | ||
| N/A | N/A | Harmony HMISCU configuré par EcoStruxure Machine Expert versions antérieures à 2.0 | ||
| N/A | N/A | Geo SCADA Expert 2020 version April 2021 (83.7787.1) |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "spaceLYnk versions ant\u00e9rieures \u00e0 2.61 (ne corrige pas toutes les vuln\u00e9rabilit\u00e9s)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Triconex mod\u00e8le 3009 MP versions Tricon ant\u00e9rieures \u00e0 11.8.0 (build 753)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "micrologiciel pour Modicon M241/M251 versions ant\u00e9rieures \u00e0 5.1.9.14",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "TCM 4351B versions Tricon ant\u00e9rieures \u00e0 11.5.1 ou 11.7.1 (build 638)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "micrologiciel pour Modicon M218/M241/M251/M262, LMC PacDrive Eco/Pro/Pro2, HMISCU Logic Controllers sans le dernier correctif",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Harmony STO, STU, GTO, GTU, GTUX, KG configur\u00e9 par Vijeo Designer versions ant\u00e9rieures \u00e0 6.2 SP11",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Modicon Managed Switch MCSESM et MCSESP versions ant\u00e9rieures \u00e0 8.22",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "homeLYnk versions ant\u00e9rieures \u00e0 2.61 (ne corrige pas toutes les vuln\u00e9rabilit\u00e9s)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Harmony HMISCU configur\u00e9 par EcoStruxure Machine Expert versions ant\u00e9rieures \u00e0 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Geo SCADA Expert 2020 version April 2021 (83.7787.1)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22731"
},
{
"name": "CVE-2019-9008",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9008"
},
{
"name": "CVE-2021-22741",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22741"
},
{
"name": "CVE-2021-22747",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22747"
},
{
"name": "CVE-2021-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22732"
},
{
"name": "CVE-2021-22742",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22742"
},
{
"name": "CVE-2021-22736",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22736"
},
{
"name": "CVE-2021-22733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22733"
},
{
"name": "CVE-2021-22744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22744"
},
{
"name": "CVE-2021-22740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22740"
},
{
"name": "CVE-2020-6081",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6081"
},
{
"name": "CVE-2021-22699",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22699"
},
{
"name": "CVE-2020-10245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10245"
},
{
"name": "CVE-2020-7052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7052"
},
{
"name": "CVE-2019-13538",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13538"
},
{
"name": "CVE-2021-22705",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22705"
},
{
"name": "CVE-2021-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22735"
},
{
"name": "CVE-2019-9009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9009"
},
{
"name": "CVE-2021-22734",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22734"
},
{
"name": "CVE-2021-22746",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22746"
},
{
"name": "CVE-2021-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22737"
},
{
"name": "CVE-2021-22743",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22743"
},
{
"name": "CVE-2021-22745",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22745"
},
{
"name": "CVE-2021-22738",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22738"
},
{
"name": "CVE-2021-22739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22739"
}
],
"initial_release_date": "2021-05-12T00:00:00",
"last_revision_date": "2021-05-12T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-370",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-05-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-04 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-03 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-02 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-07 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-01 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-06 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-06"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-130-05 du 11 mai 2021",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-05"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…