Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSchneiderCVE-2021-22817
HistoryFeb 09, 2022 - 11:15 p.m.

CVE-2021-22817

2022-02-0923:15:14
CWE-276
schneider
web.nvd.nist.gov
63
cwe-276
incorrect default permissions
harmony
magelis ipc series
vijeo designer
vijeo designer basic
unauthorized access
local privilege escalation
vulnerability
nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

14.1%

JSON

A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. Affected Product: Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)

Affected configurations

Nvd
Node
schneider-electrichmibmuhi29d2801_firmware
AND
schneider-electrichmibmuhi29d2801Match-
Node
schneider-electrichmibmusi29d2801_firmware
AND
schneider-electrichmibmusi29d2801Match-
Node
schneider-electrichmibmuci29d2w01_firmware
AND
schneider-electrichmibmuci29d2w01Match-
Node
schneider-electrichmibmu0i29d2001_firmware
AND
schneider-electrichmibmu0i29d2001Match-
Node
schneider-electrichmibmu0i29d200a_firmware
AND
schneider-electrichmibmu0i29d200aMatch-
Node
schneider-electrichmibmuhi29d4801_firmware
AND
schneider-electrichmibmuhi29d4801Match-
Node
schneider-electrichmibmusi29d4801_firmware
AND
schneider-electrichmibmusi29d4801Match-
Node
schneider-electrichmibmuci29d4w01_firmware
AND
schneider-electrichmibmuci29d4w01Match-
Node
schneider-electrichmibmu0i29d4001_firmware
AND
schneider-electrichmibmu0i29d4001Match-
Node
schneider-electrichmibmu0i29d400a_firmware
AND
schneider-electrichmibmu0i29d400aMatch-
Node
schneider-electrichmibmu0i29di00a_firmware
AND
schneider-electrichmibmu0i29di00aMatch-
Node
schneider-electrichmibmu0i29de00a_firmware
AND
schneider-electrichmibmu0i29de00aMatch-
Node
schneider-electrichmibmphi74d2801_firmware
AND
schneider-electrichmibmphi74d2801Match-
Node
schneider-electrichmibmpsi74d2801_firmware
AND
schneider-electrichmibmpsi74d2801Match-
Node
schneider-electrichmibmp0i74d2001_firmware
AND
schneider-electrichmibmp0i74d2001Match-
Node
schneider-electrichmibmp0i74d200a_firmware
AND
schneider-electrichmibmp0i74d200aMatch-
Node
schneider-electrichmibmphi74d4801_firmware
AND
schneider-electrichmibmphi74d4801Match-
Node
schneider-electrichmibmpsi74d4801_firmware
AND
schneider-electrichmibmpsi74d4801Match-
Node
schneider-electrichmibmp0i74d4001_firmware
AND
schneider-electrichmibmp0i74d4001Match-
Node
schneider-electrichmibmp0i74d400a_firmware
AND
schneider-electrichmibmp0i74d400aMatch-
Node
schneider-electrichmibmp0i74di00a_firmware
AND
schneider-electrichmibmp0i74di00aMatch-
Node
schneider-electrichmibmp0i74de00a_firmware
AND
schneider-electrichmibmp0i74de00aMatch-
Node
schneider-electrichmibscea53d1l01_firmware
AND
schneider-electrichmibscea53d1l01Match-
Node
schneider-electrichmibmoma5ddf10l_firmware
AND
schneider-electrichmibmoma5ddf10lMatch-
Node
schneider-electrichmibmoma5dd1e01_firmware
AND
schneider-electrichmibmoma5dd1e01Match-
Node
schneider-electrichmibmoma5dd1101_firmware
AND
schneider-electrichmibmoma5dd1101Match-
Node
schneider-electrichmibmo0a5ddf10a_firmware
AND
schneider-electrichmibmo0a5ddf10aMatch-
Node
schneider-electrichmibmo0a5ddf101_firmware
AND
schneider-electrichmibmo0a5ddf101Match-
Node
schneider-electrichmibmo0a5dd1001_firmware
AND
schneider-electrichmibmo0a5dd1001Match-
Node
schneider-electrichmibmiea5dd1e01_firmware
AND
schneider-electrichmibmiea5dd1e01Match-
Node
schneider-electrichmibmiea5dd110l_firmware
AND
schneider-electrichmibmiea5dd110lMatch-
Node
schneider-electrichmibmiea5dd1101_firmware
AND
schneider-electrichmibmiea5dd1101Match-
Node
schneider-electrichmibmiea5dd100a_firmware
AND
schneider-electrichmibmiea5dd100aMatch-
Node
schneider-electrichmibmiea5dd1001_firmware
AND
schneider-electrichmibmiea5dd1001Match-
Node
schneider-electrichmibscea53d1l0t_firmware
AND
schneider-electrichmibscea53d1l0tMatch-
Node
schneider-electrichmibscea53d1l0a_firmware
AND
schneider-electrichmibscea53d1l0aMatch-
Node
schneider-electricvijeo_designerRange<1.2.1basic
OR
schneider-electricvijeo_designerRange<6.2-
OR
schneider-electricvijeo_designerMatch6.2--
OR
schneider-electricvijeo_designerMatch6.2sp1-
OR
schneider-electricvijeo_designerMatch6.2sp10-
OR
schneider-electricvijeo_designerMatch6.2sp11-
OR
schneider-electricvijeo_designerMatch6.2sp2-
OR
schneider-electricvijeo_designerMatch6.2sp3.1-
OR
schneider-electricvijeo_designerMatch6.2sp5.1-
OR
schneider-electricvijeo_designerMatch6.2sp6-
OR
schneider-electricvijeo_designerMatch6.2sp7-
OR
schneider-electricvijeo_designerMatch6.2sp8-
OR
schneider-electricvijeo_designerMatch6.2sp9-
VendorProductVersionCPE
schneider-electrichmibmuhi29d2801_firmware*cpe:2.3:o:schneider-electric:hmibmuhi29d2801_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmuhi29d2801-cpe:2.3:h:schneider-electric:hmibmuhi29d2801:-:*:*:*:*:*:*:*
schneider-electrichmibmusi29d2801_firmware*cpe:2.3:o:schneider-electric:hmibmusi29d2801_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmusi29d2801-cpe:2.3:h:schneider-electric:hmibmusi29d2801:-:*:*:*:*:*:*:*
schneider-electrichmibmuci29d2w01_firmware*cpe:2.3:o:schneider-electric:hmibmuci29d2w01_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmuci29d2w01-cpe:2.3:h:schneider-electric:hmibmuci29d2w01:-:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d2001_firmware*cpe:2.3:o:schneider-electric:hmibmu0i29d2001_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d2001-cpe:2.3:h:schneider-electric:hmibmu0i29d2001:-:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d200a_firmware*cpe:2.3:o:schneider-electric:hmibmu0i29d200a_firmware:*:*:*:*:*:*:*:*
schneider-electrichmibmu0i29d200a-cpe:2.3:h:schneider-electric:hmibmu0i29d200a:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 851

CNA Affected

[
  {
    "product": "Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Harmony/Magelis iPC Series (All Versions), Vijeo Designer (All Versions prior to V6.2 SP11 Multiple HotFix 4), Vijeo Designer Basic (All Versions prior to V1.2.1)"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
cvelist
cvelist
CVE-2021-22817
2022-02-09 22:05:12
prion
prion
Design/Logic Flaw
2022-02-09 23:15:00
nvd
nvd
CVE-2021-22817
2022-02-09 23:15:14

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

14.1%

JSON
Related for CVE-2021-22817
cvelist1prion1nvd1