CVE-2021-22769
Summary
| CVE | CVE-2021-22769 |
|---|---|
| State | PUBLISHED |
| Assigner | schneider |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-06-11 16:15:10 UTC |
| Updated | 2026-06-29 14:16:34 UTC |
| Description | A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted. |
Risk And Classification
Primary CVSS: v3.1 4.3 MEDIUM from [email protected]
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS: 0.006460000 probability, percentile 0.463220000 (date 2026-06-30)
Problem Types: CWE-552 | CWE-552 CWE-552: Files or Directories Accessible to External Parties
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| 3.1 | ADP | DECLARED | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 2.0 | [email protected] | Primary | 4 | AV:N/AC:L/Au:S/C:P/I:N/A:N |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
LowIntegrity
NoneAvailability
NoneCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
SingleConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:N/AC:L/Au:S/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Schneider-electric | Easergy T300 | - | All | All | All |
| Operating System | Schneider-electric | Easergy T300 Firmware | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Na | Easergy T300 With Firmware V2.7.1 And Older | affected Easergy T300 with firmware V2.7.1 and older | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| download.schneider-electric.com/files | af854a3a-2127-422b-91ae-364da2661108 | download.schneider-electric.com | Vendor Advisory |
| MISC:http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-06 | MITRE | download.schneider-electric.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.