Lucene search
CERTVDECVELIST:CVE-2021-33540HistoryJun 25, 2021 - 6:26 p.m.
CVE-2021-33540 Phoenix Contact: Undocumented FTP acces in certain AXL F BK and IL BK devices
2021-06-2518:26:04
CWE-798
CERTVDE
www.cve.org
3
cve-2021-33540
phoenix contact
undocumented ftp access
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
39.4%
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
CNA Affected
[
{
"platforms": [
"HW < 01"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F PN TPS XC (1068857)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F EIP EF (2702782)",
"versionType": "custom"
}
]
},
{
"platforms": [
"HW < 02"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F PN TPS (2403869)",
"versionType": "custom"
}
]
},
{
"platforms": [
"HW < 05"
],
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F EIP (2688394)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F ETH (2688459)",
"versionType": "custom"
},
{
"lessThan": "1.30",
"status": "affected",
"version": "AXL F ETH XC (2701949)",
"versionType": "custom"
},
{
"lessThan": "1.40",
"status": "affected",
"version": "AXL F S3 (2701686)",
"versionType": "custom"
}
]
},
{
"product": "AXL F BK",
"vendor": "Phoenix Contact",
"versions": [
{
"status": "affected",
"version": "AXL F PN (2701815) all revisions"
},
{
"status": "affected",
"version": "AXL F PN XC (2701222) all revisions"
},
{
"status": "affected",
"version": "AXL F ETH NET2 (2702177) all revisions"
},
{
"status": "affected",
"version": "AXL F SAS (2701457) all revisions"
}
]
},
{
"product": "IL",
"vendor": "Phoenix Contact",
"versions": [
{
"status": "affected",
"version": "IL PN BK-PAC (2403696) all revisions"
},
{
"status": "affected",
"version": "IL PN BK DI8 DO4 2TX-PAC (2703994) all revisions"
},
{
"status": "affected",
"version": "IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisions"
},
{
"status": "affected",
"version": "IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisions"
},
{
"status": "affected",
"version": "IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions"
},
{
"status": "affected",
"version": "IL EIP BK DI8 DO4 2TX-PAC (2897758) all revisions"
},
{
"status": "affected",
"version": "IL S3 BK DI8 DO4 2TX-PAC (2692380) all revisions"
}
]
}
]Related
cve
cve
CVE-2021-33540
2021-06-25 19:15:09
nvd
nvd
CVE-2021-33540
2021-06-25 19:15:09
prion
prion
Design/Logic Flaw
2021-06-25 19:15:00
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
39.4%
Related for CVELIST:CVE-2021-33540