Lucene search
IcscertCVELIST:CVE-2021-43938HistoryApr 29, 2022 - 3:18 p.m.
CVE-2021-43938 Elcomplus SmartPTT SCADA Server Information Exposure
2022-04-2915:18:14
CWE-200
icscert
www.cve.org
4
cve-2021-43938
smartptt scada server
information exposure
unauthenticated user
authentication
authorization
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
61.4%
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization.
CNA Affected
[
{
"product": "SmartPTT SCADA Server",
"vendor": "Elcomplus",
"versions": [
{
"status": "affected",
"version": "1.4"
}
]
}
]Related
nvd
nvd
CVE-2021-43938
2022-04-29 16:15:08
cnvd
cnvd
Elcomplus SmartPPT Information Disclosure Vulnerability
2022-04-21 00:00:00
prion
prion
Authorization
2022-04-29 16:15:00
cve
cve
CVE-2021-43938
2022-04-29 16:15:08
ics
ics
Elcomplus SmartPTT SCADA Server
2022-04-25 12:00:00
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
61.4%
Related for CVELIST:CVE-2021-43938