CVE-2021-22704
CVE-2021-22704
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 set 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ), Vijeo Designer Basic (all versions prior to V1.2), or EcoStruxure Machine Expert (all versions prior to V2.0) that could cause a Denial of Service or unauthorized access to system information when connecting to the Harmony HMI over FTP.