Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors.
References
Configurations
Configuration 1 (hide)
AND |
|
History
01 Mar 2021, 17:17
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-200 | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.3 |
CPE | cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:* |
|
References | (MISC) https://www.contec.com/jp/download/contract/contract2/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e&downloaditemid=fa248fba-8901-4d9e-8212-b139f2defbdf - Vendor Advisory | |
References | (MISC) https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf - Vendor Advisory | |
References | (MISC) https://jvn.jp/en/jp/JVN37417423/index.html - Third Party Advisory |
24 Feb 2021, 12:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-24 12:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-20656
Mitre link : CVE-2021-20656
CVE.ORG link : CVE-2021-20656
JSON object : View
Products Affected
contec
- sv-cpt-mc310_firmware
- sv-cpt-mc310
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor