CVE-2021-42021

🗓️ 09 Nov 2021 11:32:15Reported by siemensType

Path traversal vulnerability in Siveillance Video DLNA Server allows remote attackers to read arbitrary files.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-42021	9 Nov 202114:30	–	circl
CNNVD	Siveillance Video DLNA Server 路径遍历漏洞	9 Nov 202100:00	–	cnnvd
CNVD	Siemens Siveillance Video DLNA Server Path Traversal Vulnerability	11 Nov 202100:00	–	cnvd
Cvelist	CVE-2021-42021	9 Nov 202111:32	–	cvelist
EUVD	EUVD-2021-29009	3 Oct 202520:07	–	euvd
ICS	Siemens Siveillance Video DLNA Server	9 Nov 202100:00	–	ics
NVD	CVE-2021-42021	9 Nov 202112:15	–	nvd
Prion	Path traversal	9 Nov 202112:15	–	prion
RedhatCVE	CVE-2021-42021	22 May 202521:06	–	redhatcve

NVD

Node

siemens siveillance_video_management_software_2019_r1

siemens siveillance_video_management_software_2019_r2

siemens siveillance_video_management_software_2019_r3

siemens siveillance_video_management_software_2020_r1Match-

siemens siveillance_video_management_software_2020_r2Match-

AND

siemens siveillance_video_dlna_serverMatch-

[
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2019 R1"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2019 R2"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2019 R3"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2020 R1"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2020 R2"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2020 R3"
      }
    ]
  },
  {
    "product": "Siveillance Video DLNA Server",
    "vendor": "Siemens",
    "versions": [
      {
        "status": "affected",
        "version": "2021 R1"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf

21 Nov 2024 06:27Current

7.4High risk

Vulners AI Score7.4

CVSS 25

CVSS 3.17.5

EPSS0.00995