Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2021-22701

Published: 19/02/2021 Updated: 03/02/2022
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 4.5 | Impact Score: 3.6 | Exploitability Score: 0.9
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Schneider-electric

Vulnerability Summary

A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

schneider-electric powerlogic_ion7400_firmware

schneider-electric powerlogic_ion7650_firmware

schneider-electric powerlogic_ion8600_firmware

schneider-electric powerlogic_ion8650_firmware

schneider-electric powerlogic_ion8800_firmware

schneider-electric powerlogic_ion9000_firmware

schneider-electric powerlogic_pm8000_firmware

schneider-electric powerlogic_ion8300_firmware

schneider-electric powerlogic_ion8400_firmware

schneider-electric powerlogic_ion8500_firmware

References

CWE-352https://www.se.com/ww/en/download/document/SEVD-2021-040-01/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook