Lucene search

[email protected]NVD:CVE-2024-6421

HistoryJul 10, 2024 - 8:15 a.m.

CVE-2024-6421

2024-07-1008:15:11

CWE-200

[email protected]

web.nvd.nist.gov

remote attacker

sensitive information

ftp

configuration vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.4%

JSON

An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.

Affected configurations

Nvd

Node

pepperl-fuchsoit700-f113-b12-cb_firmwareRange≤2.11.0

AND

pepperl-fuchsoit700-f113-b12-cbMatch-

Node

pepperl-fuchsoit500-f113-b12-cb_firmwareRange≤2.11.0

AND

pepperl-fuchsoit500-f113-b12-cbMatch-

Node

pepperl-fuchsoit200-f113-b12-cb_firmwareRange≤2.11.0

AND

pepperl-fuchsoit200-f113-b12-cbMatch-

Node

pepperl-fuchsoit1500-f113-b12-cb_firmwareRange≤2.11.0

AND

pepperl-fuchsoit1500-f113-b12-cbMatch-

VendorProductVersionCPE
pepperl-fuchsoit700-f113-b12-cb_firmware*cpe:2.3:o:pepperl-fuchs:oit700-f113-b12-cb_firmware:*:*:*:*:*:*:*:*
pepperl-fuchsoit700-f113-b12-cb-cpe:2.3:h:pepperl-fuchs:oit700-f113-b12-cb:-:*:*:*:*:*:*:*
pepperl-fuchsoit500-f113-b12-cb_firmware*cpe:2.3:o:pepperl-fuchs:oit500-f113-b12-cb_firmware:*:*:*:*:*:*:*:*
pepperl-fuchsoit500-f113-b12-cb-cpe:2.3:h:pepperl-fuchs:oit500-f113-b12-cb:-:*:*:*:*:*:*:*
pepperl-fuchsoit200-f113-b12-cb_firmware*cpe:2.3:o:pepperl-fuchs:oit200-f113-b12-cb_firmware:*:*:*:*:*:*:*:*
pepperl-fuchsoit200-f113-b12-cb-cpe:2.3:h:pepperl-fuchs:oit200-f113-b12-cb:-:*:*:*:*:*:*:*
pepperl-fuchsoit1500-f113-b12-cb_firmware*cpe:2.3:o:pepperl-fuchs:oit1500-f113-b12-cb_firmware:*:*:*:*:*:*:*:*
pepperl-fuchsoit1500-f113-b12-cb-cpe:2.3:h:pepperl-fuchs:oit1500-f113-b12-cb:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pepperl-fuchs	oit700-f113-b12-cb_firmware	*	cpe:2.3:o:pepperl-fuchs:oit700-f113-b12-cb_firmware::::::::
pepperl-fuchs	oit700-f113-b12-cb	-	cpe:2.3:h:pepperl-fuchs:oit700-f113-b12-cb:-:::::::*
pepperl-fuchs	oit500-f113-b12-cb_firmware	*	cpe:2.3:o:pepperl-fuchs:oit500-f113-b12-cb_firmware::::::::
pepperl-fuchs	oit500-f113-b12-cb	-	cpe:2.3:h:pepperl-fuchs:oit500-f113-b12-cb:-:::::::*
pepperl-fuchs	oit200-f113-b12-cb_firmware	*	cpe:2.3:o:pepperl-fuchs:oit200-f113-b12-cb_firmware::::::::
pepperl-fuchs	oit200-f113-b12-cb	-	cpe:2.3:h:pepperl-fuchs:oit200-f113-b12-cb:-:::::::*
pepperl-fuchs	oit1500-f113-b12-cb_firmware	*	cpe:2.3:o:pepperl-fuchs:oit1500-f113-b12-cb_firmware::::::::
pepperl-fuchs	oit1500-f113-b12-cb	-	cpe:2.3:h:pepperl-fuchs:oit1500-f113-b12-cb:-:::::::*

References

cert.vde.com/en/advisories/VDE-2024-038

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.4%

JSON

Related for NVD:CVE-2024-6421

vulnrichment1 cvelist1 cve1