CVE-2021-22281

: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.
Configurations

Configuration 1 (hide)

cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*

History

10 Feb 2024, 01:03

Type Values Removed Values Added
CPE cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-23 CWE-22
First Time Br-automation automation Studio
Br-automation
References () https://www.br-automation.com/fileadmin/2021-11_ZipSlip_Vulnerability_in_Automation_Studio_Project_Import-b90d2f42.pdf - () https://www.br-automation.com/fileadmin/2021-11_ZipSlip_Vulnerability_in_Automation_Studio_Project_Import-b90d2f42.pdf - Vendor Advisory

02 Feb 2024, 12:15

Type Values Removed Values Added
Summary : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automation Studio: from 4.0 through 4.12. : Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.

02 Feb 2024, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-02 08:15

Updated : 2024-02-28 20:54


NVD link : CVE-2021-22281

Mitre link : CVE-2021-22281

CVE.ORG link : CVE-2021-22281


JSON object : View

Products Affected

br-automation

  • automation_studio
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23

Relative Path Traversal