CVE-2021-21004
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
Description
In Phoenix Contact FL SWITCH SMCS series products in multiple versions an attacker may insert malicious code via LLDP frames into the web-based management which could then be executed by the client.
Affected (15)
Products: Phoenixcontact: Fl Switch Smcs 16tx Firmware, Fl Switch Smcs 14tx/2fx Firmware, Fl Switch Smcs 14tx/2fx Sm Firmware, Fl Switch Smcs 8gt Firmware, Fl Switch Smcs 6gt/2sfp Firmware, Fl Switch Smcs 8tx Pn Firmware, Fl Switch Smcs 4tx Pn Firmware, Fl Switch Smcs 8tx Firmware, Fl Switch Smcs 6tx/2sfp Firmware, Fl Switch Smn 6tx/2pof Pn Firmware, Fl Switch Smn 8tx Pn Firmware, Fl Switch Smn 6tx/2fx Firmware, Fl Switch Smn 6tx/2fx Sm Firmware, Fl Nat Smn 8tx Firmware, Fl Nat Smn 8tx M Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 16tx | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 14tx/2fx | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 14tx/2fx Sm | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 8gt | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 6gt/2sfp | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 8tx Pn | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 4tx Pn | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 8tx | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smcs 6tx/2sfp | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smn 6tx/2pof Pn | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smn 8tx Pn | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smn 6tx/2fx | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.70 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Switch Smn 6tx/2fx Sm | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.63 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Nat Smn 8tx | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 4.63 |
| Running on/with | Platform Versions |
|---|---|
Phoenixcontact Fl Nat Smn 8tx M | All versions |
References (2)
Source: info@cert.vde.com
Not ApplicableThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicableThird Party Advisory
Timeline
No history available yet.