Back to search
CVE-2021-33540
Published: Jun 25, 2021
Modified: Sep 17, 2024
PUBLISHED
CVSS v3.1
7.3
HIGH
Description
In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented password protected FTP access to the root directory exists.
| Vendor | Product | Versions |
|---|---|---|
Phoenix Contact | AXL F BK | affected AXL F PN TPS XC (1068857) - < 1.30affected AXL F EIP EF (2702782) - < 1.30 |
Phoenix Contact | AXL F BK | affected AXL F PN TPS (2403869) - < 1.30 |
Phoenix Contact | AXL F BK | affected AXL F EIP (2688394) - < 1.30affected AXL F ETH (2688459) - < 1.30affected AXL F ETH XC (2701949) - < 1.30affected AXL F S3 (2701686) - < 1.40 |
Phoenix Contact | AXL F BK | affected AXL F PN (2701815) all revisionsaffected AXL F PN XC (2701222) all revisionsaffected AXL F ETH NET2 (2702177) all revisionsaffected AXL F SAS (2701457) all revisions |
Phoenix Contact | IL | affected IL PN BK-PAC (2403696) all revisionsaffected IL PN BK DI8 DO4 2TX-PAC (2703994) all revisionsaffected IL PN BK DI8 DO4 2SCRJ-PAC (2878379) all revisionsaffected IL ETH BK DI8 DO4 2TX-XC-PAC (2701388) all revisionsaffected IL ETH BK DI8 DO4 2TX-PAC (2703981) all revisions+2 more versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
References
https://cert.vde.com/en-us/advisories/vde-2021-021
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now