Lucene search

[email protected]CVE-2021-30187

HistoryMay 25, 2021 - 12:15 p.m.

CVE-2021-30187

2021-05-2512:15:07

CWE-78

[email protected]

web.nvd.nist.gov

cve-2021-30187

codesys

v2 runtime

security

vulnerability

os command

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.

Affected configurations

NVD

Node

codesysruntime_toolkitRange<2.4.7.55x86

CPENameOperatorVersion
codesys:runtime_toolkitcodesys runtime toolkitlt2.4.7.55

CPE	Name	Operator	Version
codesys:runtime_toolkit	codesys runtime toolkit	lt	2.4.7.55

References

customers.codesys.com/index.php

customers.codesys.com/index.php?eID=dumpFile&t=f&f=14727&token=25159b0fc4355f4c6bc2e074a519a9d0cdb23fbb&download=

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

Related for CVE-2021-30187

nvd1 prion1 cvelist1 ics1 thn1