An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic.
References
| Link | Resource |
|---|---|
| https://www.schneider-electric.com/en/download/document/SEVD-2019-045-01/ | Vendor Advisory |
Configurations
History
31 Jan 2022, 20:47
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:se:somachine_basic:*:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m221:-:*:*:*:*:*:*:* |
cpe:2.3:a:schneider-electric:somachine_basic:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:* |
| First Time |
Schneider-electric somachine Basic
Schneider-electric Schneider-electric modicon M221 Schneider-electric modicon M221 Firmware |
23 Aug 2021, 17:25
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:* cpe:2.3:a:schneider-electric:somachine_basic:*:*:*:*:*:*:*:* |
cpe:2.3:o:se:modicon_m221_firmware:*:*:*:*:*:*:*:* cpe:2.3:a:se:somachine_basic:*:*:*:*:*:*:*:* cpe:2.3:h:se:modicon_m221:-:*:*:*:*:*:*:* |
Information
Published : 2019-05-22 20:29
Updated : 2023-12-10 12:59
NVD link : CVE-2018-7822
Mitre link : CVE-2018-7822
CVE.ORG link : CVE-2018-7822
JSON object : View
Products Affected
schneider-electric
- modicon_m221
- somachine_basic
- modicon_m221_firmware
CWE
CWE-276
Incorrect Default Permissions