admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/34xxx/CVE-2021-34594.json
Anthony Singleton 938debeed0 Revert "November 2021 Patch Tuesday" 
This reverts commit df296d9e014bf68ef22c0583c98da3fbe42ea316.
2021-11-17 15:47:33 -05:00

111 lines
3.9 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2021-11-04T06:00:00.000Z",
"ID": "CVE-2021-34594",
"STATE": "PUBLIC",
"TITLE": "Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TwinCAT OPC UA Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "TF6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "<",
"version_name": "TS6100",
"version_value": "4.3.48.0"
},
{
"version_affected": "<",
"version_name": "TcOpcUaServer version",
"version_value": "3.2.0.19423"
}
]
}
}
]
},
"vendor_name": "Beckhoff Automation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Beckhoff Automation thanks Johannes Olegård, Emre Süren, and Robert Lagerström for reporting the issue and for support and efforts with the coordinated disclosure."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23 Relative Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/en/advisories/VDE-2021-051/",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2021-051/"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Please update to a recent version of the affected product (TF6100 or TS6100 version >= 4.3.48.0)"
}
],
"source": {
"advisory": "VDE-2021-051",
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink