CVE-2021-22773

A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker connected to the charging station web server to modify the password of a user.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_city_evc1s22p4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_city_evc1s22p4:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_city_evc1s7p4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_city_evc1s7p4:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_parking_evw2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_parking_evw2:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_parking_evf2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_parking_evf2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_parking_ev.2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_parking_ev.2:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:schneider-electric:evlink_smart_wallbox_evb1a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:evlink_smart_wallbox_evb1a:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-07-21 15:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-22773

Mitre link : CVE-2021-22773

CVE.ORG link : CVE-2021-22773


JSON object : View

Products Affected

schneider-electric

  • evlink_parking_evf2
  • evlink_parking_evw2_firmware
  • evlink_city_evc1s22p4_firmware
  • evlink_parking_ev.2
  • evlink_city_evc1s7p4_firmware
  • evlink_parking_ev.2_firmware
  • evlink_city_evc1s22p4
  • evlink_parking_evf2_firmware
  • evlink_smart_wallbox_evb1a_firmware
  • evlink_smart_wallbox_evb1a
  • evlink_parking_evw2
  • evlink_city_evc1s7p4
CWE
CWE-620

Unverified Password Change