Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-27388

Опубликовано: 15 июн. 2021
Источник: nvd
CVSS3: 9.8
CVSS2: 7.5
EPSS Низкий

Описание

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*

EPSS

Процентиль: 83%
0.01865
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

github логотип

GHSA-78x7-234w-r2hv

github
больше 3 лет назад

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

EPSS

Процентиль: 83%
0.01865
Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20