CVE-2021-38399

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:honeywell:c200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:c200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:honeywell:c200e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:c200e:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:honeywell:c300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:c300:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:honeywell:application_control_environment_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:application_control_environment:-:*:*:*:*:*:*:*

Information

Published : 2022-10-27 19:15

Updated : 2022-11-02 11:12


NVD link : CVE-2021-38399

Mitre link : CVE-2021-38399


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

honeywell

  • c300
  • c200e
  • c300_firmware
  • application_control_environment_firmware
  • c200_firmware
  • c200e_firmware
  • application_control_environment
  • c200