schneider-electric network_management_card_2_firmware 信息暴露
CVE编号
CVE-2021-22815利用情况
暂无补丁情况
N/A披露时间
2022-01-29漏洞描述
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635J (NMC2 AOS V6.9.8 and earlier), 3-Phase Uninterruptible Power Supply (UPS) using NMC2 including Symmetra PX 250/500 (SYPX) Network Management Card 2 (NMC2): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635J (NMC2 AOS V6.9.6 and earlier), 3-Phase Uninterruptible Power Supply (UPS) using NMC2 including Symmetra PX 48/96/100/160 kW UPS (PX2), Symmetra PX 20/40 kW UPS (SY3P), Gutor (SXW, GVX), and Galaxy (GVMTS, GVMSA, GVXTS, GVXSA, G7K, GFC, G9KCHU): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635CH (NMC2 AOS V6.9.6 and earlier), 1-Phase Uninterruptible Power Supply (UPS) using NMC3 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 3 (NMC3): AP9640/AP9640J, AP9641/AP9641J, AP9643/AP9643J (NMC3 AOS V1.4.2.1 and earlier), APC Rack Power Distribution Units (PDU) using NMC2 2G Metered/Switched Rack PDUs with embedded NMC2: AP84XX, AP86XX, AP88XX, AP89XX (NMC2 AOS V6.9.6 and earlier), APC Rack Power Distribution Units (PDU) using NMC3 2G Metered/Switched Rack PDUs with embedded NMC3: APDU99xx (NMC3 AOS V1.4.0 and earlier), APC 3-Phase Power Distribution Products using NMC2 Galaxy RPP: GRPPIP2X84 (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P): PDPB150G6F (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) PD40G6FK1-M, PD40F6FK1-M, PD40L6FK1-M, PDRPPNX10 M,PD60G6FK1, PD60F6FK1, PD60L6FK1, PDRPPNX10, PD40E5EK20-M, PD40H5EK20-M (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for Modular 150/175kVA PDU (XRDP): PDPM150G6F, PDPM150L6F, PDPM175G6H (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for 400 and 500 kVA (PMM): PMM400-ALA, PMM400-ALAX, PMM400-CUB, PMM500-ALA, PMM500-ALAX, PMM500-CUB (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for Modular PDU (XRDP2G): PDPM72F-5U, PDPM138H-5U, PDPM144F, PDPM138H-R, PDPM277H, PDPM288G6H (NMC2 AOS V6.9.6 and earlier), Rack Automatic Transfer Switches (ATS) Embedded NMC2: Rack Automatic Transfer Switches - AP44XX (ATS4G) (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 (NMC2) Cooling Products: InRow Cooling for series ACRP5xx, ACRP1xx, ACRD5xx, and ACRC5xx SKUs (ACRP2G), InRow Cooling for series ACRC10x SKUs (RC10X2G), InRow Cooling for series ACRD6xx and ACRC6xx SKUs (ACRD2G), InRow Cooling Display for series ACRD3xx (ACRC2G), InRow Cooling for series ACSC1xx SKUs (SC2G), InRow Cooling for series ACRD1xx and ACRD2xx (ACRPTK2G), Ecoflair IAEC25/50 Air Economizer Display (EB2G), Uniflair SP UCF0481I, UCF0341I (UNFLRSP), Uniflair LE DX Perimeter Cooling Display for SKUs: IDAV, IDEV, IDWV, IUAV, IUEV, IUWV, IXAV, IXEV, IXWV, LDAV, LDEV, and LDWV (LEDX2G), Refrigerant Distribution Unit: ACDA9xx (RDU) (NMC2 AOS V6.9.6 and earlier), Environmental Monitoring Unit with embedded NMC2 (NB250): NetBotz NBRK0250 (NMC2 AOS V6.9.6 and earlier), and Network Management Card 2 (NMC2): AP9922 Battery Management System (BM4) (NMC2 AOS V6.9.6 and earlier)解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-03 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | schneider-electric | network_management_card_2_firmware | * | Up to (including) 6.9.6 | |||||
| 运行在以下环境 | |||||||||
| 系统 | schneider-electric | network_management_card_2_firmware | * | Up to (including) 6.9.8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | schneider-electric | network_management_card_3_firmware | * | Up to (including) 1.4.0 | |||||
| 运行在以下环境 | |||||||||
| 系统 | schneider-electric | network_management_card_3_firmware | * | Up to (including) 1.4.2.1 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | ap9922_battery_management_system | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | apc_rack_power_distribution_units | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_3500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_g7x | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_g9kchu | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_gcxsa | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_gfc | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_gvmsa | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_gvmts | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_gvxts | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | galaxy_rpp_grppip2x84 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | gutor_gvx | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | gutor_sxw | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | netbotz_nbrk0250 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | network_management_card_2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | network_management_card_3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd40e5ek20-m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd40f6fk1-m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd40g6fk1-m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd40h5ek20-m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd40l6fk1-m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd60f6fk1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd60g6fk1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pd60l6fk1 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpb150g6f | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm138h-5u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm138h-r | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm144f | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm150g6f | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm150l6f | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm175g6h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm277h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm288g6h | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdpm72f-5u | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdrppnx10 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pdrppnx10m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm400-ala | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm400-alax | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm400-cub | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm500-ala | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm500-alax | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | pmm500-cub | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | rack_automatic_transfer_switches | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | single-phase_symmetra | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | smart-ups | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_100 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_160 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_20 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_250 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_40 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_48 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | schneider-electric | symmetra_px_96 | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 无
- 保密性 低
- 完整性 无
| CWE-ID | 漏洞类型 |
| CWE-200 | 信息暴露 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论