A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 MASTER MODULE WITH GPRS (All versions). The component allows to activate a web server module which provides unauthenticated access to its web pages. This could allow an attacker to retrieve debug-level information from the component such as internal network topology or connected systems.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-185638.pdf | Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-185638.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 06:33
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-185638.pdf - Vendor Advisory |
21 Jul 2023, 16:52
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
Information
Published : 2022-08-10 12:15
Updated : 2024-11-21 06:33
NVD link : CVE-2021-46304
Mitre link : CVE-2021-46304
CVE.ORG link : CVE-2021-46304
JSON object : View
Products Affected
siemens
- cp-8000_master_module_with_i\/o_-40\/\+70
- cp-8000_master_module_with_i\/o_-25\/\+70_firmware
- cp-8000_master_module_with_i\/o_-40\/\+70_firmware
- cp-8021_master_module
- cp-8022_master_module_with_gprs_firmware
- cp-8000_master_module_with_i\/o_-25\/\+70
- cp-8022_master_module_with_gprs
- cp-8021_master_module_firmware
CWE