CVE-2021-22815: Infoleak
First published: Fri Jan 28 2022(Updated: )
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635J (NMC2 AOS V6.9.8 and earlier), 3-Phase Uninterruptible Power Supply (UPS) using NMC2 including Symmetra PX 250/500 (SYPX) Network Management Card 2 (NMC2): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635J (NMC2 AOS V6.9.6 and earlier), 3-Phase Uninterruptible Power Supply (UPS) using NMC2 including Symmetra PX 48/96/100/160 kW UPS (PX2), Symmetra PX 20/40 kW UPS (SY3P), Gutor (SXW, GVX), and Galaxy (GVMTS, GVMSA, GVXTS, GVXSA, G7K, GFC, G9KCHU): AP9630/AP9630CH/AP9630J, AP9631/AP9631CH/AP9631J, AP9635/AP9635CH (NMC2 AOS V6.9.6 and earlier), 1-Phase Uninterruptible Power Supply (UPS) using NMC3 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 3 (NMC3): AP9640/AP9640J, AP9641/AP9641J, AP9643/AP9643J (NMC3 AOS V1.4.2.1 and earlier), APC Rack Power Distribution Units (PDU) using NMC2 2G Metered/Switched Rack PDUs with embedded NMC2: AP84XX, AP86XX, AP88XX, AP89XX (NMC2 AOS V6.9.6 and earlier), APC Rack Power Distribution Units (PDU) using NMC3 2G Metered/Switched Rack PDUs with embedded NMC3: APDU99xx (NMC3 AOS V1.4.0 and earlier), APC 3-Phase Power Distribution Products using NMC2 Galaxy RPP: GRPPIP2X84 (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P): PDPB150G6F (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU) PD40G6FK1-M, PD40F6FK1-M, PD40L6FK1-M, PDRPPNX10 M,PD60G6FK1, PD60F6FK1, PD60L6FK1, PDRPPNX10, PD40E5EK20-M, PD40H5EK20-M (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for Modular 150/175kVA PDU (XRDP): PDPM150G6F, PDPM150L6F, PDPM175G6H (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for 400 and 500 kVA (PMM): PMM400-ALA, PMM400-ALAX, PMM400-CUB, PMM500-ALA, PMM500-ALAX, PMM500-CUB (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 for Modular PDU (XRDP2G): PDPM72F-5U, PDPM138H-5U, PDPM144F, PDPM138H-R, PDPM277H, PDPM288G6H (NMC2 AOS V6.9.6 and earlier), Rack Automatic Transfer Switches (ATS) Embedded NMC2: Rack Automatic Transfer Switches - AP44XX (ATS4G) (NMC2 AOS V6.9.6 and earlier), Network Management Card 2 (NMC2) Cooling Products: InRow Cooling for series ACRP5xx, ACRP1xx, ACRD5xx, and ACRC5xx SKUs (ACRP2G), InRow Cooling for series ACRC10x SKUs (RC10X2G), InRow Cooling for series ACRD6xx and ACRC6xx SKUs (ACRD2G), InRow Cooling Display for series ACRD3xx (ACRC2G), InRow Cooling for series ACSC1xx SKUs (SC2G), InRow Cooling for series ACRD1xx and ACRD2xx (ACRPTK2G), Ecoflair IAEC25/50 Air Economizer Display (EB2G), Uniflair SP UCF0481I, UCF0341I (UNFLRSP), Uniflair LE DX Perimeter Cooling Display for SKUs: IDAV, IDEV, IDWV, IUAV, IUEV, IUWV, IXAV, IXEV, IXWV, LDAV, LDEV, and LDWV (LEDX2G), Refrigerant Distribution Unit: ACDA9xx (RDU) (NMC2 AOS V6.9.6 and earlier), Environmental Monitoring Unit with embedded NMC2 (NB250): NetBotz NBRK0250 (NMC2 AOS V6.9.6 and earlier), and Network Management Card 2 (NMC2): AP9922 Battery Management System (BM4) (NMC2 AOS V6.9.6 and earlier)
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Network Management Card 2 Firmware | <=6.9.8 | |
| Schneider-electric Galaxy 3500 | ||
| Schneider-electric Network Management Card 2 | ||
| Schneider-electric Single-phase Symmetra | ||
| Schneider-electric Smart-ups | ||
| Schneider-electric Network Management Card 2 Firmware | <=6.9.6 | |
| Schneider-electric Ap9922 Battery Management System | ||
| Schneider-electric Apc Rack Power Distribution Units | ||
| Schneider-electric Galaxy G7x | ||
| Schneider-electric Galaxy G9kchu | ||
| Schneider-electric Galaxy Gcxsa | ||
| Schneider-electric Galaxy Gfc | ||
| Schneider-electric Galaxy Gvmsa | ||
| Schneider-electric Galaxy Gvmts | ||
| Schneider-electric Galaxy Gvxts | ||
| Schneider-electric Galaxy Rpp Grppip2x84 | ||
| Schneider-electric Gutor Gvx | ||
| Schneider-electric Gutor Sxw | ||
| Schneider-electric Netbotz Nbrk0250 | ||
| Schneider-electric Pd40e5ek20-m | ||
| Schneider-electric Pd40f6fk1-m | ||
| Schneider-electric Pd40g6fk1-m | ||
| Schneider-electric Pd40h5ek20-m | ||
| Schneider-electric Pd40l6fk1-m | ||
| Schneider-electric Pd60f6fk1 | ||
| Schneider-electric Pd60g6fk1 | ||
| Schneider-electric Pd60l6fk1 | ||
| Schneider-electric Pdpb150g6f | ||
| Schneider-electric Pdpm138h-5u | ||
| Schneider-electric Pdpm138h-r | ||
| Schneider-electric Pdpm144f | ||
| Schneider-electric Pdpm150g6f | ||
| Schneider-electric Pdpm150l6f | ||
| Schneider-electric Pdpm175g6h | ||
| Schneider-electric Pdpm277h | ||
| Schneider-electric Pdpm288g6h | ||
| Schneider-electric Pdpm72f-5u | ||
| Schneider-electric Pdrppnx10 | ||
| Schneider-electric Pdrppnx10m | ||
| Schneider-electric Pmm400-ala | ||
| Schneider-electric Pmm400-alax | ||
| Schneider-electric Pmm400-cub | ||
| Schneider-electric Pmm500-ala | ||
| Schneider-electric Pmm500-alax | ||
| Schneider-electric Pmm500-cub | ||
| Schneider-electric Rack Automatic Transfer Switches | ||
| Schneider-electric Symmetra Px 100 | ||
| Schneider-electric Symmetra Px 160 | ||
| Schneider-electric Symmetra Px 20 | ||
| Schneider-electric Symmetra Px 250 | ||
| Schneider-electric Symmetra Px 40 | ||
| Schneider-electric Symmetra Px 48 | ||
| Schneider-electric Symmetra Px 500 | ||
| Schneider-electric Symmetra Px 96 | ||
| Schneider-electric Network Management Card 3 Firmware | <=1.4.2.1 | |
| Schneider-electric Network Management Card 3 | ||
| Schneider-electric Network Management Card 3 Firmware | <=1.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/schneider-electric
- canonical/schneider-electric network management card 2 firmware
- version/schneider-electric network management card 2 firmware/6.9.8
- canonical/schneider-electric galaxy 3500
- canonical/schneider-electric network management card 2
- canonical/schneider-electric single-phase symmetra
- canonical/schneider-electric smart-ups
- version/schneider-electric network management card 2 firmware/6.9.6
- canonical/schneider-electric ap9922 battery management system
- canonical/schneider-electric apc rack power distribution units
- canonical/schneider-electric galaxy g7x
- canonical/schneider-electric galaxy g9kchu
- canonical/schneider-electric galaxy gcxsa
- canonical/schneider-electric galaxy gfc
- canonical/schneider-electric galaxy gvmsa
- canonical/schneider-electric galaxy gvmts
- canonical/schneider-electric galaxy gvxts
- canonical/schneider-electric galaxy rpp grppip2x84
- canonical/schneider-electric gutor gvx
- canonical/schneider-electric gutor sxw
- canonical/schneider-electric netbotz nbrk0250
- canonical/schneider-electric pd40e5ek20-m
- canonical/schneider-electric pd40f6fk1-m
- canonical/schneider-electric pd40g6fk1-m
- canonical/schneider-electric pd40h5ek20-m
- canonical/schneider-electric pd40l6fk1-m
- canonical/schneider-electric pd60f6fk1
- canonical/schneider-electric pd60g6fk1
- canonical/schneider-electric pd60l6fk1
- canonical/schneider-electric pdpb150g6f
- canonical/schneider-electric pdpm138h-5u
- canonical/schneider-electric pdpm138h-r
- canonical/schneider-electric pdpm144f
- canonical/schneider-electric pdpm150g6f
- canonical/schneider-electric pdpm150l6f
- canonical/schneider-electric pdpm175g6h
- canonical/schneider-electric pdpm277h
- canonical/schneider-electric pdpm288g6h
- canonical/schneider-electric pdpm72f-5u
- canonical/schneider-electric pdrppnx10
- canonical/schneider-electric pdrppnx10m
- canonical/schneider-electric pmm400-ala
- canonical/schneider-electric pmm400-alax
- canonical/schneider-electric pmm400-cub
- canonical/schneider-electric pmm500-ala
- canonical/schneider-electric pmm500-alax
- canonical/schneider-electric pmm500-cub
- canonical/schneider-electric rack automatic transfer switches
- canonical/schneider-electric symmetra px 100
- canonical/schneider-electric symmetra px 160
- canonical/schneider-electric symmetra px 20
- canonical/schneider-electric symmetra px 250
- canonical/schneider-electric symmetra px 40
- canonical/schneider-electric symmetra px 48
- canonical/schneider-electric symmetra px 500
- canonical/schneider-electric symmetra px 96
- canonical/schneider-electric network management card 3 firmware
- version/schneider-electric network management card 3 firmware/1.4.2.1
- canonical/schneider-electric network management card 3
- version/schneider-electric network management card 3 firmware/1.4.0