Vulnerability Description
In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wago | 0852-0303 Firmware | <= 1.2.3.s0 |
| Wago | 0852-0303 | - |
| Wago | 0852-1305 Firmware | <= 1.1.7.s0 |
| Wago | 0852-1305 | - |
| Wago | 0852-1505 Firmware | <= 1.1.6.s0 |
| Wago | 0852-1505 | - |
| Wago | 0852-1305\/000-001 Firmware | <= 1.0.4.s0 |
| Wago | 0852-1305\/000-001 | - |
| Wago | 0852-1505\/000-001 Firmware | <= 1.0.4.s0 |
| Wago | 0852-1505\/000-001 | - |
Related Weaknesses (CWE)
References
- https://cert.vde.com/en-us/advisories/vde-2021-013Third Party Advisory
- https://cert.vde.com/en-us/advisories/vde-2021-013Third Party Advisory
FAQ
What is CVE-2021-20993?
CVE-2021-20993 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In multiple managed switches by WAGO in different versions the activated directory listing provides an attacker with the index of the resources located inside the directory.
How severe is CVE-2021-20993?
CVE-2021-20993 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-20993?
Check the references section above for vendor advisories and patch information. Affected products include: Wago 0852-0303 Firmware, Wago 0852-0303, Wago 0852-1305 Firmware, Wago 0852-1305, Wago 0852-1505 Firmware.