Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500441.NASL
HistoryAug 10, 2021 - 12:00 a.m.

Schneider-electric Modicon Exposure of Sensitive Information to an Unauthorized Actor

2021-08-1000:00:00
This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
5

0.002 Low

EPSS

Percentile

60.9%

JSON

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially crafted HTTP request is sent to the web server of the module.

File data ot_500441.nasl
VendorProductVersionCPE
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.6cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.6:ir4:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir10:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir15b:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir17:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir18:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir19:*:*:*:*:*:*
schneider-electricmodicon_x80_bmxnor0200h_rtu_firmwaresv1.7cpe:2.3:o:schneider-electric:modicon_x80_bmxnor0200h_rtu_firmware:sv1.7:ir20:*:*:*:*:*:*

Related

ics 1
nvd 1
cvelist 1
cve 1
nessus 1
prion 1
ics
ics
Schneider Electric Modicon X80
2021-06-08 12:00:00
nvd
nvd
CVE-2021-22749
2021-06-11 16:15:09
cvelist
cvelist
CVE-2021-22749
2021-06-11 15:40:45
cve
cve
CVE-2021-22749
2021-06-11 16:15:09
nessus
nessus
Schneider Electric Modicon X80 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-22749)
2023-03-01 00:00:00
prion
prion
Design/Logic Flaw
2021-06-11 16:15:00

0.002 Low

EPSS

Percentile

60.9%

JSON
Related for OT_500441.NASL
ics1nvd1cvelist1cve1nessus1prion1