Unrated severityNVD Advisory· Published Jan 11, 2022· Updated Aug 4, 2024

CVE-2021-45034

Description

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions < V16.20), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions < V16.20), CP-8021 MASTER MODULE (All versions < V16.20), CP-8022 MASTER MODULE WITH GPRS (All versions < V16.20). The web server of the affected system allows access to logfiles and diagnostic data generated by a privileged user. An unauthenticated attacker could access the files by knowing the corresponding download links.

Affected products

Siemens Foundation/CP-8000 MASTER MODULE WITH I/O -25/+70°Ccpe-rescue2 versions
All versions < V16.20+ 1 more
- (no CPE)range: All versions < V16.20
- (no CPE)range: All versions < V16.20
Siemens Foundation/CP-8031 MASTER MODULEcpe-rescue
Range: All versions < V16.20
Siemens/CP-8022 MASTER MODULE WITH GPRSv5
Range: All versions < V16.20

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/166743/Siemens-A8000-CP-8050-CP-8031-SICAM-WEB-Missing-File-Download-Missing-Authentication.htmlmitrex_refsource_MISC
seclists.org/fulldisclosure/2022/Apr/20mitremailing-listx_refsource_FULLDISC
cert-portal.siemens.com/productcert/pdf/ssa-324998.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000