CVE-2021-22797

🗓️ 28 Mar 2022 16:25:24Reported by schneiderType

CVE-2021-22797 CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerabilit

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-22797	13 Apr 202220:18	–	circl
CNNVD	Schneider Electric EcoStruxure Control Expert 路径遍历漏洞	20 Sep 202100:00	–	cnnvd
Cvelist	CVE-2021-22797	28 Mar 202216:25	–	cvelist
EUVD	EUVD-2021-9932	3 Oct 202520:07	–	euvd
ICS	Schneider Electric EcoStruxure and SCADAPack	16 Sep 202100:00	–	ics
NCSC	Vulnerability discovered in Schneider Electric EcoStruxure Control Expert	17 Sep 202100:00	–	ncsc
NVD	CVE-2021-22797	13 Apr 202216:15	–	nvd
Prion	Path traversal	13 Apr 202216:15	–	prion
RedhatCVE	CVE-2021-22797	6 Feb 202504:12	–	redhatcve
Zero Day Initiative	Schneider Electric EcoStruxure Control Expert Classic STU and STA File Parsing Directory Traversal Remote Code Execution Vulnerability	20 Sep 202100:00	–	zdi

NVD

Node

schneider-electric ecostruxure_control_expertRange<15.1

schneider-electric ecostruxure_process_expertRange<2021

Node

schneider-electric remoteconnectMatch-

AND

schneider-electric scadapack_470Match-

schneider-electric scadapack_474Match-

schneider-electric scadapack_570Match-

schneider-electric scadapack_574Match-

schneider-electric scadapack_575Match-

[
  {
    "product": "EcoStruxure Control Expert",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "lessThan": "V15.0 SP1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "EcoStruxure Process Expert",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "lessThan": "2020",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "SCADAPack RemoteConnect for x70",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Source	Link
se	www.se.com/ww/en/download/document/SEVD-2021-257-01/

21 Nov 2024 05:50Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.8

CVSS 29.3

EPSS0.00972

CWE-22