Unrated severityNVD Advisory· Published Sep 2, 2021· Updated Aug 3, 2024
CVE-2021-22704
CVE-2021-22704
Description
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior to V2.0) that could cause a Denial of Service or unauthorized access to system information when connecting to the Harmony HMI over FTP.
Affected products
4- Schneider Electric/Harmony/HMI Products Configured by Vijeo Designerdescription
- Range: < V6.2 SP11
- Range: < V2.0
- Range: < V1.2
Patches
Vulnerability mechanics
References
1- download.schneider-electric.com/filesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.