Files or Directories Exposure in Easergy T300 by Schneider Electric
CVE-2021-22769

4.3MEDIUM

Key Information:

Vendor: Schneider Electric
Status: Easergy T300 With Firmware V2.7.1 And Older
Vendor: CVE Published:; 11 June 2021

Summary

The Easergy T300 device with firmware versions V2.7.1 and older exhibits a vulnerability allowing unauthorized external access to sensitive files or directory content. This weakness can be exploited when access controls are misconfigured or absent, potentially leading to data leakage.

Affected Version(s)

Easergy T300 with firmware V2.7.1 and older Easergy T300 with firmware V2.7.1 and older

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 11, 2021
Vulnerability Reserved
Jan 6, 2021