cvelistv5 - cve-2020-7521

CVE-2020-7521 (GCVE-0-2020-7521)

Vulnerability from cvelistv5 – Published: 2020-08-31 16:10 – Updated: 2024-08-04 09:33

Summary

Severity ?

No CVSS data available.

CWE

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Assigner

schneider

References

URL

Tags

https://www.se.com/ww/en/download/document/SEVD-2…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier	Affected: SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.645Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-31T16:10:12",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7521",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7521",
    "datePublished": "2020-08-31T16:10:12",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.645Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:schneider-electric:apc_easy_ups_online_software:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.0\", \"matchCriteriaId\": \"FA7E7A50-2B5B-4067-902A-A0A0722BB653\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad de Limitaci\\u00f3n Inapropiada de un Nombre de Ruta en un Directorio Restringido (\\\"Path Traversal\\\") en SFAPV9601 - APC Easy UPS On-Line Software (versiones V2.0 y anteriores) cuando se accede a un m\\u00e9todo vulnerable de \\\"FileUploadServlet\\\" puede conllevar a una carga de archivos ejecutables hacia directorios no especificados\"}]",
      "id": "CVE-2020-7521",
      "lastModified": "2024-11-21T05:37:18.313",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-08-31T17:15:12.233",
      "references": "[{\"url\": \"https://www.se.com/ww/en/download/document/SEVD-2020-224-04/\", \"source\": \"cybersecurity@se.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.se.com/ww/en/download/document/SEVD-2020-224-04/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cybersecurity@se.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cybersecurity@se.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-7521\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2020-08-31T17:15:12.233\",\"lastModified\":\"2024-11-21T05:37:18.313\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta en un Directorio Restringido (\\\"Path Traversal\\\") en SFAPV9601 - APC Easy UPS On-Line Software (versiones V2.0 y anteriores) cuando se accede a un m\u00e9todo vulnerable de \\\"FileUploadServlet\\\" puede conllevar a una carga de archivos ejecutables hacia directorios no especificados\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cybersecurity@se.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:apc_easy_ups_online_software:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0\",\"matchCriteriaId\":\"FA7E7A50-2B5B-4067-902A-A0A0722BB653\"}]}]}],\"references\":[{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2020-224-04/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.se.com/ww/en/download/document/SEVD-2020-224-04/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-2V88-F22X-FW8J

Vulnerability from github – Published: 2022-05-24 17:27 – Updated: 2022-05-24 17:27

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-7521"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-31T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.",
  "id": "GHSA-2v88-f22x-fw8j",
  "modified": "2022-05-24T17:27:03Z",
  "published": "2022-05-24T17:27:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7521"
    },
    {
      "type": "WEB",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2020-7521

Vulnerability from fkie_nvd - Published: 2020-08-31 17:15 - Updated: 2024-11-21 05:37

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2020-224-04/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2020-224-04/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	schneider-electric	apc_easy_ups_online_software	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:apc_easy_ups_online_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA7E7A50-2B5B-4067-902A-A0A0722BB653",
              "versionEndIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta en un Directorio Restringido (\"Path Traversal\") en SFAPV9601 - APC Easy UPS On-Line Software (versiones V2.0 y anteriores) cuando se accede a un m\u00e9todo vulnerable de \"FileUploadServlet\" puede conllevar a una carga de archivos ejecutables hacia directorios no especificados"
    }
  ],
  "id": "CVE-2020-7521",
  "lastModified": "2024-11-21T05:37:18.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-08-31T17:15:12.233",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    }
  ]
}

VAR-202008-1030

Vulnerability from variot - Updated: 2023-12-18 12:49

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of FileUploadServlet which may lead to uploading executable files to non-specified directories. * Past traversal (CWE-22) - CVE-2020-7521 , CVE-2020-7522By a remote third party, " FileUploadServlet , " SoundUploadServlet Accessed the method and uploaded the executable file to an unspecified directory - CVE-2020-7521 , CVE-2020-7522. Authentication is not required to exploit this vulnerability.The specific flaw exists within the FileUploadServlet class. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202008-1030",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "apc easy ups online software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "2.0"
      },
      {
        "model": "apc easy ups on-line software sfapv9601",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "v2.0"
      },
      {
        "model": "apc easy ups online",
        "scope": null,
        "trust": 0.7,
        "vendor": "schneider electric",
        "version": null
      },
      {
        "model": "electric apc easy ups on-line",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "\u003c=2.0"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:schneider-electric:apc_easy_ups_online_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "rgod",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2020-7521",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-46797",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "IPA score",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-007431",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-7521",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-7521",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2020-007431",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "ZDI",
            "id": "CVE-2020-7521",
            "trust": 0.7,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-46797",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202008-596",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories. * Past traversal (CWE-22) - CVE-2020-7521 , CVE-2020-7522By a remote third party, \" FileUploadServlet , \" SoundUploadServlet Accessed the method and uploaded the executable file to an unspecified directory - CVE-2020-7521 , CVE-2020-7522. Authentication is not required to exploit this vulnerability.The specific flaw exists within the FileUploadServlet class. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7521",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-224-02",
        "trust": 2.0
      },
      {
        "db": "SCHNEIDER",
        "id": "SEVD-2020-224-04",
        "trust": 1.6
      },
      {
        "db": "ZDI",
        "id": "ZDI-20-1006",
        "trust": 1.3
      },
      {
        "db": "JVN",
        "id": "JVNVU90099158",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-10604",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2761",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "id": "VAR-202008-1030",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:49:32.958000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Schneider Electric Security Notification",
        "trust": 0.8,
        "url": "https://download.schneider-electric.com/files?p_file_name=sevd-2020-224-04_apc_easy_ups_on-line_software_security_notification.pdf"
      },
      {
        "title": "Schneider Electric has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-02"
      },
      {
        "title": "Patch for Schneider Electric APC Easy UPS On-Line FileUploadServlet path traversal vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/231085"
      },
      {
        "title": "Schneider Electric APC Easy UPS On-Line Software Repair measures for path traversal vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126634"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-02"
      },
      {
        "trust": 1.6,
        "url": "https://www.se.com/ww/en/download/document/sevd-2020-224-04/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7521"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7522"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu90099158"
      },
      {
        "trust": 0.6,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-20-1006/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2761/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7521"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-17T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "date": "2020-08-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "date": "2020-08-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "date": "2020-08-31T17:15:12.233000",
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "date": "2020-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-17T00:00:00",
        "db": "ZDI",
        "id": "ZDI-20-1006"
      },
      {
        "date": "2020-08-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-46797"
      },
      {
        "date": "2020-08-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      },
      {
        "date": "2020-09-04T18:20:43.407000",
        "db": "NVD",
        "id": "CVE-2020-7521"
      },
      {
        "date": "2021-01-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Schneider Electric Made  APC Easy UPS On-Line Software Path Traversal Vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-007431"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-596"
      }
    ],
    "trust": 0.6
  }
}

ICSA-20-224-02

Vulnerability from csaf_cisa - Published: 2020-08-11 00:00 - Updated: 2020-08-11 00:00

Summary

Schneider Electric APC Easy UPS On-Line

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could lead to remote code execution.

Critical infrastructure sectors

Multiple

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "rgod"
        ],
        "organization": "Trend Micro \u0027s Zero Day Initiative",
        "summary": "reporting these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could lead to remote code execution.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-224-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-224-02.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-224-02 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-224-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Schneider Electric APC Easy UPS On-Line",
    "tracking": {
      "current_release_date": "2020-08-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-20-224-02",
      "initial_release_date": "2020-08-11T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2020-08-11T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-20-224-02 Schneider Electric APC Easy UPS On-Line"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 2.0",
                "product": {
                  "name": "SFAPV9601: v2.0 and earlier",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SFAPV9601"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric Software, LLC"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7521",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists when accessing a vulnerable method of `FileUploadServlet` that may lead to uploading executable files to non-specified directories.CVE-2020-7521 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7521"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users of versions below v2.1 to update to the latest version as soon as possible.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/product/SFAPV9601/apc-easy-ups-online-software/"
        },
        {
          "category": "mitigation",
          "details": "Please see the Schneider Electric Security Bulletin - SEVD-2020-224-04 for more details of these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-7522",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability exists when accessing a vulnerable method of `SoundUploadServlet` that may lead to uploading executable files to non-specified directories.CVE-2020-7522 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7522"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends users of versions below v2.1 to update to the latest version as soon as possible.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/product/SFAPV9601/apc-easy-ups-online-software/"
        },
        {
          "category": "mitigation",
          "details": "Please see the Schneider Electric Security Bulletin - SEVD-2020-224-04 for more details of these vulnerabilities.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

CERTFR-2020-AVI-493

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Wiser pour KNX (anciennement homeLYnk) versions antérieures à V2.5.1
Schneider Electric	N/A	SoMove versions antérieures à V2.8.2
Schneider Electric	N/A	Harmony eXLhoist versions antérieures à V04.00.03.00
Schneider Electric	N/A	Modicon M218 Logic Controller versions antérieures à V5.0.0.8
Schneider Electric	N/A	PowerChute Business Edition versions antérieures à V9.1
Schneider Electric	N/A	Schneider Electric Modbus Driver Suite versions antérieures à V14.15.0.0
Schneider Electric	N/A	APC Easy UPS On-Line versions antérieures à V2.1
Schneider Electric	N/A	spaceLYnk versions antérieures à V2.5.1
Schneider Electric	N/A	Schneider Electric Modbus Serial Driver (64 bits) versions antérieures à V3.20 IE 30
Schneider Electric	N/A	Schneider Electric Modbus Serial Driver (32 bits) versions antérieures à V2.20 IE 30

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2020-224-06 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-02 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-03 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-05 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-01 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-07 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-04 du 11 août 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Wiser pour KNX (anciennement homeLYnk) versions ant\u00e9rieures \u00e0 V2.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "SoMove versions ant\u00e9rieures \u00e0 V2.8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Harmony eXLhoist versions ant\u00e9rieures \u00e0 V04.00.03.00",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M218 Logic Controller versions ant\u00e9rieures \u00e0 V5.0.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "PowerChute Business Edition versions ant\u00e9rieures \u00e0 V9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Driver Suite versions ant\u00e9rieures \u00e0 V14.15.0.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "APC Easy UPS On-Line versions ant\u00e9rieures \u00e0 V2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "spaceLYnk versions ant\u00e9rieures \u00e0 V2.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Serial Driver (64 bits) versions ant\u00e9rieures \u00e0 V3.20 IE 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Serial Driver (32 bits) versions ant\u00e9rieures \u00e0 V2.20 IE 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7522"
    },
    {
      "name": "CVE-2020-7525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7525"
    },
    {
      "name": "CVE-2020-7523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7523"
    },
    {
      "name": "CVE-2019-19193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19193"
    },
    {
      "name": "CVE-2020-7524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7524"
    },
    {
      "name": "CVE-2020-7526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7526"
    },
    {
      "name": "CVE-2020-7527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7527"
    },
    {
      "name": "CVE-2020-7521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7521"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-493",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-06 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-06/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-02 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-03 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-03/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-05 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-05/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-01 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-01/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-07 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-07/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-04 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
    }
  ]
}

CERTFR-2020-AVI-493

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	Wiser pour KNX (anciennement homeLYnk) versions antérieures à V2.5.1
Schneider Electric	N/A	SoMove versions antérieures à V2.8.2
Schneider Electric	N/A	Harmony eXLhoist versions antérieures à V04.00.03.00
Schneider Electric	N/A	Modicon M218 Logic Controller versions antérieures à V5.0.0.8
Schneider Electric	N/A	PowerChute Business Edition versions antérieures à V9.1
Schneider Electric	N/A	Schneider Electric Modbus Driver Suite versions antérieures à V14.15.0.0
Schneider Electric	N/A	APC Easy UPS On-Line versions antérieures à V2.1
Schneider Electric	N/A	spaceLYnk versions antérieures à V2.5.1
Schneider Electric	N/A	Schneider Electric Modbus Serial Driver (64 bits) versions antérieures à V3.20 IE 30
Schneider Electric	N/A	Schneider Electric Modbus Serial Driver (32 bits) versions antérieures à V2.20 IE 30

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2020-224-06 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-02 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-03 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-05 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-01 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-07 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2020-224-04 du 11 août 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Wiser pour KNX (anciennement homeLYnk) versions ant\u00e9rieures \u00e0 V2.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "SoMove versions ant\u00e9rieures \u00e0 V2.8.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Harmony eXLhoist versions ant\u00e9rieures \u00e0 V04.00.03.00",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Modicon M218 Logic Controller versions ant\u00e9rieures \u00e0 V5.0.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "PowerChute Business Edition versions ant\u00e9rieures \u00e0 V9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Driver Suite versions ant\u00e9rieures \u00e0 V14.15.0.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "APC Easy UPS On-Line versions ant\u00e9rieures \u00e0 V2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "spaceLYnk versions ant\u00e9rieures \u00e0 V2.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Serial Driver (64 bits) versions ant\u00e9rieures \u00e0 V3.20 IE 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    },
    {
      "description": "Schneider Electric Modbus Serial Driver (32 bits) versions ant\u00e9rieures \u00e0 V2.20 IE 30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Schneider Electric",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7522"
    },
    {
      "name": "CVE-2020-7525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7525"
    },
    {
      "name": "CVE-2020-7523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7523"
    },
    {
      "name": "CVE-2019-19193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19193"
    },
    {
      "name": "CVE-2020-7524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7524"
    },
    {
      "name": "CVE-2020-7526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7526"
    },
    {
      "name": "CVE-2020-7527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7527"
    },
    {
      "name": "CVE-2020-7521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7521"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-493",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-06 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-06/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-02 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-02/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-03 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-03/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-05 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-05/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-01 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-01/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-07 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-07/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2020-224-04 du 11 ao\u00fbt 2020",
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
    }
  ]
}

GSD-2020-7521

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-7521

Aliases

CVE-2020-7521

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-7521",
    "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.",
    "id": "GSD-2020-7521"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-7521"
      ],
      "details": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.",
      "id": "GSD-2020-7521",
      "modified": "2023-12-13T01:21:51.832475Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cybersecurity@schneider-electric.com",
        "ID": "CVE-2020-7521",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/",
            "refsource": "MISC",
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:schneider-electric:apc_easy_ups_online_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7521"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-224-04/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-09-04T18:20Z",
      "publishedDate": "2020-08-31T17:15Z"
    }
  }
}

CNVD-2020-46797

Vulnerability from cnvd - Published: 2020-08-19

Title

Schneider Electric APC Easy UPS On-Line FileUploadServlet路径遍历漏洞

Description

Schneider Electric APC Easy UPS On-Line是一款UPS解决方案。 Schneider Electric APC Easy UPS On-Line FileUploadServlet存在路径遍历漏洞，远程攻击者可利用漏洞该提交特殊的请求，上传任意文件到任意目录。

Severity

高

Patch Name

Schneider Electric APC Easy UPS On-Line FileUploadServlet路径遍历漏洞的补丁

Patch Description

Schneider Electric APC Easy UPS On-Line是一款UPS解决方案。 Schneider Electric APC Easy UPS On-Line FileUploadServlet存在路径遍历漏洞，远程攻击者可利用漏洞该提交特殊的请求，上传任意文件到任意目录。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.se.com/ww/en/download/document/SEVD-2020-224-04/

Reference

https://us-cert.cisa.gov/ics/advisories/icsa-20-224-02

Impacted products

Name
Schneider Electric APC Easy UPS On-Line <=2.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-7521",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-7521"
    }
  },
  "description": "Schneider Electric APC Easy UPS On-Line\u662f\u4e00\u6b3eUPS\u89e3\u51b3\u65b9\u6848\u3002\n\nSchneider Electric APC Easy UPS On-Line FileUploadServlet\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8be5\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4e0a\u4f20\u4efb\u610f\u6587\u4ef6\u5230\u4efb\u610f\u76ee\u5f55\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.se.com/ww/en/download/document/SEVD-2020-224-04/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-46797",
  "openTime": "2020-08-19",
  "patchDescription": "Schneider Electric APC Easy UPS On-Line\u662f\u4e00\u6b3eUPS\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nSchneider Electric APC Easy UPS On-Line FileUploadServlet\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8be5\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4e0a\u4f20\u4efb\u610f\u6587\u4ef6\u5230\u4efb\u610f\u76ee\u5f55\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Schneider Electric APC Easy UPS On-Line FileUploadServlet\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Schneider Electric APC Easy UPS On-Line \u003c=2.0"
  },
  "referenceLink": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-02",
  "serverity": "\u9ad8",
  "submitTime": "2020-08-17",
  "title": "Schneider Electric APC Easy UPS On-Line FileUploadServlet\u8def\u5f84\u904d\u5386\u6f0f\u6d1e"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-7521 (GCVE-0-2020-7521)

Solution

Solution

Tags

Sightings

Nomenclature