CVE-2021-20656

Published: Feb 24, 2021Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Exposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors.

Affected (1)

Products: Contec: Sv Cpt Mc310 Firmware

1 product

Sv Cpt Mc310 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Contec Sv Cpt Mc310 Firmware	Before 6.5

Running on/with	Platform Versions
Contec Sv Cpt Mc310	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://jvn.jp/en/jp/JVN37417423/index.html

Source: vultures@jpcert.or.jp

Third Party Advisory

https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf

Source: vultures@jpcert.or.jp

Vendor Advisory

https://www.contec.com/jp/download/contract/contract2/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e&downloaditemid=fa248fba-8901-4d9e-8212-b139f2defbdf

Source: vultures@jpcert.or.jp

Vendor Advisory

https://jvn.jp/en/jp/JVN37417423/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.contec.com/jp/api/downloadlogger?download=https://www.contec.com/jp/-/media/contec/jp/support/security-info/contec_security_solarview_210216.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.contec.com/jp/download/contract/contract2/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e&downloaditemid=fa248fba-8901-4d9e-8212-b139f2defbdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.