CVE-2021-45421

Опубликовано: 14 фев. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced

Ссылки

http://dixell.com
Product
http://emerson.com
Vendor Advisory
https://www.swascan.com/emerson
Exploit
Third Party Advisory
http://dixell.com
Product
http://emerson.com
Vendor Advisory
https://www.swascan.com/emerson
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:emerson:dixell_xweb-500_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:emerson:dixell_xweb-500:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00386

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-h872-jxr7-q7rj

CVSS3: 7.5

github

почти 4 года назад

** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.

BDU:2024-00857

CVSS3: 7.5

fstec

почти 4 года назад

Уязвимость сервера компьютерного контроля и мониторинга холодильного оборудования Emerson Dixell XWEB-500, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 59%

0.00386

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200