A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.
References
Link | Resource |
---|---|
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-04 | Product Vendor Advisory |
https://www.tenable.com/security/research/tra-2021-50 | Exploit Third Party Advisory |
Configurations
Information
Published : 2021-07-21 08:15
Updated : 2022-01-31 11:33
NVD link : CVE-2021-22784
Mitre link : CVE-2021-22784
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
schneider-electric
- c-bus_toolkit