CVE-2021-22656: Advantech iView CommandServlet Directory Traversal Information Disclosure Vulnerability
First published: Thu Feb 11 2021(Updated: )
Advantech iView versions prior to v5.7.03.6112 are vulnerable to directory traversal, which may allow an attacker to read sensitive files.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech iView | <5.7.03.6112 | |
| Advantech iView | ||
| Advantech iView versions prior to v5.7.03.6112 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Advantech iView vulnerability?
The vulnerability ID of this Advantech iView vulnerability is CVE-2021-22656.
What is the title of this vulnerability?
The title of this vulnerability is Advantech iView CommandServlet Directory Traversal Information Disclosure Vulnerability.
What is the severity of CVE-2021-22656?
The severity of CVE-2021-22656 is high with a CVSS score of 7.5.
Which software is affected by CVE-2021-22656?
The software affected by CVE-2021-22656 is Advantech iView up to version 5.7.03.6112.
How can this vulnerability be exploited?
This vulnerability can be exploited by remote attackers to disclose sensitive information without authentication.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/references
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-21-189
- alias/ZDI-CAN-12096
- alias/CVE-2021-22656
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/event
- agent/tags
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup-request
- vendor/advantech
- canonical/advantech iview
- canonical/advantech iview versions prior to v5.7.03.6112