CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may
prevent user to update the device firmware and prevent proper behavior of the webserver when
specific files or directories are removed from the filesystem.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
23 Aug 2024, 16:04
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Schneider-electric
Schneider-electric modicon M340 Schneider-electric bmxnoe0100 Schneider-electric bmxnoe0110 Schneider-electric bmxnoe0110 Firmware Schneider-electric modicon M340 Firmware Schneider-electric bmxnoe0100 Firmware |
|
| References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf - Vendor Advisory | |
| CPE | cpe:2.3:h:schneider-electric:bmxnoe0100:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnoe0110:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340:*:*:*:*:*:*:*:* |
13 Jun 2024, 18:36
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
12 Jun 2024, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 12:15
Updated : 2024-08-23 16:04
NVD link : CVE-2024-5056
Mitre link : CVE-2024-5056
CVE.ORG link : CVE-2024-5056
JSON object : View
Products Affected
schneider-electric
- modicon_m340
- bmxnoe0110_firmware
- bmxnoe0100
- modicon_m340_firmware
- bmxnoe0110
- bmxnoe0100_firmware
CWE
CWE-552
Files or Directories Accessible to External Parties