CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may
prevent user to update the device firmware and prevent proper behavior of the webserver when
specific files or directories are removed from the filesystem.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
History
23 Aug 2024, 16:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:schneider-electric:bmxnoe0100:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:bmxnoe0110:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:modicon_m340:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:* |
|
| References | () https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-01.pdf - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| First Time |
Schneider-electric bmxnoe0100
Schneider-electric Schneider-electric bmxnoe0100 Firmware Schneider-electric bmxnoe0110 Firmware Schneider-electric bmxnoe0110 Schneider-electric modicon M340 Schneider-electric modicon M340 Firmware |
12 Jun 2024, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-12 12:15
Updated : 2024-08-23 16:04
NVD link : CVE-2024-5056
Mitre link : CVE-2024-5056
JSON object : View
Products Affected
schneider-electric
- bmxnoe0110
- modicon_m340
- bmxnoe0100
- modicon_m340_firmware
- bmxnoe0110_firmware
- bmxnoe0100_firmware
CWE
CWE-552
Files or Directories Accessible to External Parties