Date Published: 2021-12-29
QID 590638: Schneider Electric EcoStruxure IT Gateway Apache Log4j Vulnerability (Log4Shell) (SESB-2021-347-01)
Schneider Electric reports the vulnerability affects the following EcoStruxure IT Gateway versions:
versions 1.5.0 to version 1.13.0
CISA will update this document as more mitigations are identified by affected vendors.
QID Detection Logic (Authenticated):
QID checks for the Vulnerable version of using passive scanning.
Successful exploitation of this vulnerability could allow for unauthenticated remote code execution (RCE) and possibly access to servers.
- SESB-2021-347-01 - www.se.com/ww/en/download/document/SESB-2021-347-01/