Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-20595

🗓️ 13 Jul 2021 10:54:01Reported by MitsubishiType 
cve
 cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 46 Views

CVE-2021-20595: Improper Restriction of XML External Entity Reference vulnerability in Mitsubishi Electric Air Conditioning System/Centralized Controller

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
CNNVD		Mitsubishi Electric Air Conditioning Systems 代码问题漏洞
1 Jul 202100:00
cnnvd
Cvelist		CVE-2021-20595
13 Jul 202110:54
cvelist
EUVD		EUVD-2021-8013
3 Oct 202520:07
euvd
ICS		Mitsubishi Electric Air Conditioning Systems
1 Jul 202100:00
ics
NVD		CVE-2021-20595
13 Jul 202111:15
nvd
Prion		Xxe
13 Jul 202111:15
prion
RedhatCVE		CVE-2021-20595
22 May 202520:59
redhatcve
NVD
Node
mitsubishig-50a_firmwareRange2.503.35
AND
mitsubishig-50aMatch-
Node
mitsubishigb-50a_firmwareRange2.503.35
AND
mitsubishigb-50aMatch-
Node
mitsubishiag-150a-a_firmwareRange3.20
AND
mitsubishiag-150a-aMatch-
Node
mitsubishiag-150a-j_firmwareRange3.20
AND
mitsubishiag-150a-jMatch-
Node
mitsubishigb-50ada-a_firmwareRange3.20
AND
mitsubishigb-50ada-aMatch-
Node
mitsubishigb-50ada-j_firmwareRange3.20
AND
mitsubishigb-50ada-jMatch-
Node
mitsubishieb-50gu-a_firmwareRange7.09
AND
mitsubishieb-50gu-aMatch-
Node
mitsubishieb-50gu-j_firmwareRange7.09
AND
mitsubishieb-50gu-jMatch-
Node
mitsubishiae-200a_firmwareRange7.93
AND
mitsubishiae-200aMatch-
Node
mitsubishiae-200e_firmwareRange7.93
AND
mitsubishiae-200eMatch-
Node
mitsubishiae-50a_firmwareRange7.93
AND
mitsubishiae-50aMatch-
Node
mitsubishiae-50e_firmwareRange7.93
AND
mitsubishiae-50eMatch-
Node
mitsubishiew-50a_firmwareRange7.93
AND
mitsubishiew-50aMatch-
Node
mitsubishiew-50e_firmwareRange7.93
AND
mitsubishiew-50eMatch-
Node
mitsubishite-200a_firmwareRange7.93
AND
mitsubishite-200aMatch-
Node
mitsubishite-50a_firmwareRange7.93
AND
mitsubishite-50aMatch-
Node
mitsubishitw-50a_firmwareRange7.93
AND
mitsubishitw-50aMatch-
Node
mitsubishicms-rmd-j_firmwareRange1.30
AND
mitsubishicms-rmd-jMatch-
Node
mitsubishipac-yg50eca_firmwareRange2.20
AND
mitsubishipac-yg50ecaMatch-
[
  {
    "product": "Air Conditioning System/Centralized Controllers G-50A; GB-50A; GB-24A; AG-150A-A; AG-150A-J; GB-50ADA-A; GB-50ADA-J; EB-50GU-A; EB-50GU-J; AE-200A; AE-200E; AE-50A; AE-50E; EW-50A; EW-50E; TE-200A; TE-50A; TW-50A; CMS-RMD-J; Air Conditioning System/Expansion Controllers PAC-YG50ECA; Air Conditioning System/BM adapter BAC-HD150",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Ver.3.35 and prior"
      },
      {
        "status": "affected",
        "version": "Ver.9.11 and prior"
      },
      {
        "status": "affected",
        "version": "Ver.3.20 and prior"
      },
      {
        "status": "affected",
        "version": "Ver 7.09 and prior"
      },
      {
        "status": "affected",
        "version": "Ver 7.93 and prior"
      },
      {
        "status": "affected",
        "version": "Ver.1.30 and prior"
      },
      {
        "status": "affected",
        "version": "Ver.2.20 and prior"
      },
      {
        "status": "affected",
        "version": "Ver.2.21 and prior"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 05:46Current
8.1High risk
Vulners AI Score8.1
CVSS 3.18.2
CVSS 28.5
EPSS0.00154
CWE-611
cve-2021-20595improper restrictionxml external entitymitsubishi electricair conditioningcentralized controllersvulnerabilitynvd
46