1. Home
  2. CVE Database
  3. CVE-2021-46304
HIGH · 7.5

CVE-2021-46304

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 M...

Vulnerability Description

A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 MASTER MODULE WITH GPRS (All versions). The component allows to activate a web server module which provides unauthenticated access to its web pages. This could allow an attacker to retrieve debug-level information from the component such as internal network topology or connected systems.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SiemensCp-8021 Master Module FirmwareAll versions
SiemensCp-8021 Master Module-
SiemensCp-8000 Master Module With I\/O -25\/\+70 FirmwareAll versions
SiemensCp-8000 Master Module With I\/O -25\/\+70-
SiemensCp-8000 Master Module With I\/O -40\/\+70 FirmwareAll versions
SiemensCp-8000 Master Module With I\/O -40\/\+70-
SiemensCp-8022 Master Module With Gprs FirmwareAll versions
SiemensCp-8022 Master Module With Gprs-

Related Weaknesses (CWE)

CWE-284

References

FAQ

What is CVE-2021-46304?

CVE-2021-46304 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions), CP-8000 MASTER MODULE WITH I/O -40/+70°C (All versions), CP-8021 MASTER MODULE (All versions), CP-8022 M...

How severe is CVE-2021-46304?

CVE-2021-46304 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-46304?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Cp-8021 Master Module Firmware, Siemens Cp-8021 Master Module, Siemens Cp-8000 Master Module With I\/O -25\/\+70 Firmware, Siemens Cp-8000 Master Module With I\/O -25\/\+70, Siemens Cp-8000 Master Module With I\/O -40\/\+70 Firmware.